Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip

From: Brett Glass (brett@lariat.org)
Date: 04/18/02


Date: Thu, 18 Apr 2002 11:49:24 -0600
To: nate@yogotech.com (Nate Williams)
From: Brett Glass <brett@lariat.org>

At 10:29 AM 4/18/2002, Nate Williams wrote:

>Who said anything about building it every night?

Many people are suggesting that one CVSup every night.

>> Nor is downloading a random snapshot. (Which one can't seem to do
>> anyway these days; releng4.freebsd.org is refusing
>
>Who said anything about a 'random' snapshot. Pick the snapshot that has
>the fix applied (using the date), and build it.

How does one know that there isn't a system-crashing bug in some other
part of the tree for the same date? What's needed is not just the
snapshot that happened to be available that day (or today) but one
that's known to be reasonably stable. Remember, a snapshot of -STABLE
taken on a random day is not guaranteed even to boot!

>There is. Download the 'random snapshot' using the RELENG_4_5 tag.
>All I see from you is a lot of bitching about how the FreeBSD project
>didn't hold your hand tight enough

Not true at all. What administrators using FreeBSD need is not
"hand-holding" but a way to upgrade to a known good snapshot.
Not necessarily the absolute latest, but one with the needed
patches which others have seen to work.

>and have a developer show up on your
>doorstop to install and verify every single version of FreeBSD you use.

I'm a developer myself, and therefore understand the value of testing.
It should be possible to get a snapshot ("patch level N," or whatever)
which one knows that others have tried and have found to work. As an
administrator, you should want this too.

--Brett Glass

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip
    ... Remember, a snapshot of -STABLE ... It is pretty unchanging, and never gets feature updates, so ... What administrators using FreeBSD need is not ... Administrators HAVE 'a way to upgrade to a known good snapshot.' ...
    (FreeBSD-Security)
  • Re: Fwd: Re: Can *you* UFS snapshot a filesystem with 9.0-BETA1?
    ... snapshots on freebsd before. ... KDB: stack backtrace: ... Once rebooted, the snapshot file appears to exist, but is unusable. ...
    (freebsd-current)
  • Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip
    ... How is doing a CVSup and building a release related? ... >>Who said anything about a 'random' snapshot. ... What administrators using FreeBSD need is not ... If you want a *completely* stable release without bad patches (to the ...
    (FreeBSD-Security)
  • Re: howto sidestep sysinstall during installation
    ... FreeBSD doesn't work this way, you are trying to fit FreeBSD into your ... -Current (aka HEAD) is the place where active development on the next ... A Snapshot is a frozen in time snapshot of -Current. ...
    (freebsd-questions)
  • Re: continuous backup solution for freebsd?
    ... there is no way to do near continuous backups on FreeBSD servers. ... more to say on that issue (not against R1Soft, ... ZFS also has snapshot capability, but does not have real-time filesystem ...
    (freebsd-questions)