Date: Tue, 1 Jan 2002 16:16:46 -0600 From: Rob Andrews <rob@cyberpunkz.org> To: cjclark@alum.mit.edu, "Crist J. Clark" <cristjc@earthlink.net>, Robert Watson <rwatson@FreeBSD.ORG> Cc: John Hay <jhay@icomtek.csir.co.za>, Randy Bush <randy@psg.com>, freebsd-security@FreeBSD.ORG Subject: Re: openssh version Message-ID: <200201011538.44206@cyberpunkz.org> In-Reply-To: <20020101130601.A153@gohan.cjclark.org> References: <200201010631.g016Va856231@zibbi.icomtek.csir.co.za> <Pine.NEB.3.96L.1020101123222.14067C-100000@fledge.watson.org> <20020101130601.A153@gohan.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tuesday 01 January 2002 15:06, Crist J. Clark wrote: [- snip -] While I have no arguement with these issues there is one thing that I do however have issue with in regard to the current way openssh is handled between the base system and the port. Since the base system version does not install in the local file system, nor does the port version by default install in the base file system, there should be a clear way to force the port version to be able to install over the current base system or to have the base system version be deinstalled when you install the port so as to not have conflicting versions on the system. Its impractical to have the version in the base system be started up from the system rc yet the port version installs with a startup script unless you delete the shell script and change the location in the rc.conf of the new version to run. Which still leaves the old version on the system which in some cases might be flawed or not be desirable to an admin to have it on their system. Saying this brings up the point that the version in the base system of 4.4-stable was in fact a flawed version of openssh and unless people were reminded or on the ball enough to realize that the port version doesn't install over the base system version, they might very well have the old version of sshd startup on the system upon rebooting the machine. I think the point really is that the way its currently handled, its just very messy and should be thought out more clearly on how a peice of software that is part of the security of a system should be managed as to insure that the software is effective in its task. Brutally put, this is a poor system currently and needs to be more clearly laid out for people who are attempting to grasp how freebsd can be benificial over other systems. Ease of managing the software upgrades is probably one of the bigger sell points to myself and several others I know that use freebsd religiously. Just my two cents.. Happy New Year.. Rob Andrews Cyberpunk Alliance http://cyberpunkz.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201011538.44206>