Re: FreeBSD Security Survey



On Wed, 24 May 2006 15:40:23 -0400
Garance A Drosihn <drosih@xxxxxxx> wrote:

At 2:45 PM -0400 5/24/06, Allen wrote:
>
> It really depends on how many machines you have, on how
> many different tasks they have and on which architectures
> you're running.
>
The answer is: build host + jails for a testing environment...
This'll reduce your actual downtime.


Did you just tell him to get another computer for each arch
to have as a build machine???

Being a broke college student I don't think that's something
I'd ever do to install updates on my boxes. I can't afford
another computer just to build updates when every other OS
I use does updates in another way....

If you are a college student with a few machines that
you work with, then you can afford some downtime.

Note that the person was talking about the problems of
doing source updates on TEN machines. If you own ten
machines, and if all of those ten machines must have zero
downtime and rock-solid reliability, then you really
have to find the money for an eleventh machine. That is
just the cost of doing business. Find the money to do
the job right, or expect to go out of business the first
day that Murphy's Law comes knockin' at your door.

That issue of ten or more machines is completely separate
from the issue of how well the ports collection itself
should work, of course. But you can't complain about
the cost of one machine *WHEN* you are moaning about the
problems of owning ten machines which must be up 24/7.

"Pity the poor college student, with their personally-
owned data center of 50 machines split across five
different architectures." Uh, no. I won't. Anyone
who can afford that much hardware has more money than
I do!


Yes, I can afford down time.

There is one thing I've kept with me in my two years of using Unix / Linux / BSD:

It's better to bring a machine down or reboot because you're installing updates, than to do so because you were rooted with an exploit that a patch was released for 3 months ago.

Served me well.

As I've said, I will continue to not only use, but support FreeBSD, no matter if they take my ideas or not. It doesn't matter, I'll use it anyway and continue to buy the CD sets and the books and the shirts, the stickers, and even the boxers (Comfy boxers by the way) because I believe in it.

I'd just like to be able to have the option of installing fixes the way Linux does because then you don't need a build box. And you don't need to take a machine down for a while as you're installing them.

I'm not saying dump the current system, not even close, I'm just saying it would be nice to have the option to install patches like slackware at least.

If I was a good programmer I'd be working on that now, but I have very little coding skill. I can do some very little Perl, and I'm working on learning C because I want to help with FreeBSD and Linux. And because I'd never really be bored.

I mean seriously, a pot of coffee or a case of RedBull and a BSD or Linux box, you don't even need X if you know how to code, you'd be able to do something. It's one of my goals in life, to be a Unix wizard. Which is of course why I've chosen Perl and C. Perl was made for Unix and so was C.

Anyway I'm rambling on. So my idea is that for.... Hmm I counted a good number of people, who said they don't install patches because it just takes too much time.

That's a lot of people, considering not everyone is going to reply, and not everyone who uses it is on this list... And that's dangerous considering what someone can do to an unpatched machine.

So for those people and me who can't really spend a day or so doing updates, I'd just like it if FreeBSD had a system in place (which could be added to sysinstall) where you can sit down, use wget to grab some patches, and then either use upgradepkg or an app similar to it, to install the patch.

It would save a LOT of time, and people would be more likely to install patches who don't now.

The people who install their patches right now aren't going to care. They would most likely continue using what they do now... The people who said they won't install them probably would because it would be easier to do, and hell you could even make a little Perl script that checks a BSD update server each night for new updates and then grabs and installs them.

I'd love that. I'm sure I'm not alone. And as I've said before, I'm not comparing FreeBSD to Slackware, but I don't think it's any secret that Slackware loves FreeBSD. FreeBSDmall and the Slackware store, if you make an order from both, they come in the same box!

Each semester I get some cash from my college, I use it for things I need, and so I blew 700 dollars at FreeBSDmall and the Slackware store. I paid extra for the overnight and second day shipping, and the next day, not even 20 hours after I placed my order, it was at my house. Both of them, in the same box.

-Allen

--
Garance Alistair Drosehn = gad@xxxxxxxxxxxxxxxxxxxx
Senior Systems Programmer or gad@xxxxxxxxxxx
Rensselaer Polytechnic Institute or drosih@xxxxxxx
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"


