Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip

From: Brett Glass (brett@lariat.org)
Date: 04/18/02


Date: Thu, 18 Apr 2002 11:49:24 -0600
To: nate@yogotech.com (Nate Williams)
From: Brett Glass <brett@lariat.org>

At 10:29 AM 4/18/2002, Nate Williams wrote:

>Who said anything about building it every night?

Many people are suggesting that one CVSup every night.

>> Nor is downloading a random snapshot. (Which one can't seem to do
>> anyway these days; releng4.freebsd.org is refusing
>
>Who said anything about a 'random' snapshot. Pick the snapshot that has
>the fix applied (using the date), and build it.

How does one know that there isn't a system-crashing bug in some other
part of the tree for the same date? What's needed is not just the
snapshot that happened to be available that day (or today) but one
that's known to be reasonably stable. Remember, a snapshot of -STABLE
taken on a random day is not guaranteed even to boot!

>There is. Download the 'random snapshot' using the RELENG_4_5 tag.
>All I see from you is a lot of bitching about how the FreeBSD project
>didn't hold your hand tight enough

Not true at all. What administrators using FreeBSD need is not
"hand-holding" but a way to upgrade to a known good snapshot.
Not necessarily the absolute latest, but one with the needed
patches which others have seen to work.

>and have a developer show up on your
>doorstop to install and verify every single version of FreeBSD you use.

I'm a developer myself, and therefore understand the value of testing.
It should be possible to get a snapshot ("patch level N," or whatever)
which one knows that others have tried and have found to work. As an
administrator, you should want this too.

--Brett Glass

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message