From owner-freebsd-current@FreeBSD.ORG Sun Dec 18 01:19:26 2005 Return-Path: X-Original-To: current@freebsd.org Delivered-To: freebsd-current@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4BCC116A41F; Sun, 18 Dec 2005 01:19:26 +0000 (GMT) (envelope-from scottl@samsco.org) Received: from pooker.samsco.org (pooker.samsco.org [168.103.85.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3FC3943D5D; Sun, 18 Dec 2005 01:19:25 +0000 (GMT) (envelope-from scottl@samsco.org) Received: from [192.168.254.11] (junior.samsco.home [192.168.254.11]) (authenticated bits=0) by pooker.samsco.org (8.13.4/8.13.4) with ESMTP id jBI1JMnx036781; Sat, 17 Dec 2005 18:19:23 -0700 (MST) (envelope-from scottl@samsco.org) Message-ID: <43A4B91D.8040304@samsco.org> Date: Sat, 17 Dec 2005 18:19:25 -0700 From: Scott Long User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.8) Gecko/20050615 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Peter Jeremy References: <43A266E5.3080103@samsco.org> <20051217215434.GB92180@svcolo.com> <20051217220807.GA28741@freebie.xs4all.nl> <43A492B6.6050305@t-hosting.hu> <20051217232856.GT77268@cirb503493.alcatel.com.au> In-Reply-To: <20051217232856.GT77268@cirb503493.alcatel.com.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.4 required=3.8 tests=ALL_TRUSTED autolearn=failed version=3.1.0 X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on pooker.samsco.org Cc: stable@freebsd.org, =?ISO-8859-1?Q?K=F6vesd=E1n_G=E1bor?= , current Subject: FreeBSD Update is the binary update solution [Re: HEADS UP: Release schedule for 2006] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 18 Dec 2005 01:19:26 -0000 Peter Jeremy wrote: > On Sat, 2005-Dec-17 23:35:34 +0100, Kövesdán Gábor wrote: > >>I agree. And after all, tracking a security branch isn't too difficult, > > ... > >># cd /usr/src >># patch < /path/to/patch >># cd /usr/src/gnu/usr.bin/cvs/cvsbug >># make obj && make depend && make && make install >># cd /usr/src/gnu/usr.bin/send-pr >># make obj && make depend && make && make install >> >>Is that difficult? > > > Speaking as a developer, I think it's trivially easy. > > As an end user, I don't think this is acceptable. Firstly, it > requires that the user has installed the src distribution - which is > optional. Secondly, the user is expected to use development tools > without understanding what they do - this is scary for them. Running > the above commands is OK as long as nothing goes wrong but the > "support" group (who inhabit -questions and answer seemingly silly > questions) are going to have to cope with people who've made a typo > somewhere in the sequence and can't explain exactly what they did - > without putting them off FreeBSD. > > I think FreeBSD Update shows the way forward but IMHO there needs to > be an "official" binary update tool accessible from www.freebsd.org. > FreeBSD Update was written by, and is continuously maintained by the actual FreeBSD Security Officer. It's as official as it gets. If the only barrier to acceptance is that it's not distributed from the FreeBSD.org domain, then a) that's a silly argument, and b) it's easily solvable so long as Colin agrees. Scott