Date: Fri, 20 Mar 1998 20:36:57 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
To: gkshenaut@ucdavis.edu
Cc: stable@FreeBSD.ORG
Subject: Re: after the release ...
Message-ID: <Pine.BSF.3.96.980320203224.22356A-100000@cyrus.watson.org>
In-Reply-To: <199803201901.LAA03383@myrtle1.bogs.org>

On Fri, 20 Mar 1998, Greg Shenaut wrote:

> Has anyone seen the BSDI approach to post-release patches? Once a

I have, and agree that they would be a great addition to the FreeBSD patch
system :). One thing I'd like to see the FreeBSD binary patches do is pull
the static cvs-introduced $Id:$ string out of the binary and check to see
whether it is newer or older than the patched version to be installed. This
would prevent accidents. :) Similarly, I really like the ability to ask the
patch what it is going to do (exact list of actions) before it installs.

> What about security? This is an *excellent* point. It's a bit risky
> to be blindly applying emailed or posted patches to your system. I
> do not have a good answer to this--perhaps it is a strong argument
> against mailing or posting the patches; maybe they should only be
> downloaded directly from a central, secure site.

I would lean towards the following--

1) All patches are signed using a patch PGP key which can be verified in
   the traditional manner.

2) Patches can be retrieved from https://patch.freebsd.org/ via SSL (TLS?).
   Normal certificate hierarchies could be used to verify that the
   certificate for communications is correct. FreeBSD, Inc., would
   presumably have to buy their verisign certificate or whatever.

The second is not quite as good as the first, but in terms of deployment of
certificate-verification software, I'd bet on Netscape over PGP for your
average user. Which is who the binary patches are aimed at anyway.

> Anyway, think this scheme would work well; it can be implemented
> noncentrally, by each developer, and it allows people to rely much
> more on the RELEASE versions, plus patches.

I like the sound of this, and would be willing to work on this with whoever
is interested. We run -stable and -current on most of our machines, but
leaving hard-to-reach (i.e., low-bandwidth hookup) machines at -release and
applying binary patches would be very desirable!

Robert N Watson

Carnegie Mellon University            http://www.cmu.edu/
SafePort Network Services             http://www.safeport.com/
robert@fledge.watson.org              http://www.watson.org/~robert/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
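
The $Id$ check proposed in the message above, as an added example that is not part of the original e-mail or of any FreeBSD tool: it pulls expanded CVS $Id$ strings out of two binaries and refuses a downgrade or a comparison across branches. The function names and the sample byte strings are constructed for illustration.

```python
import re

# Expanded RCS/CVS keyword: "$Id: file,v REV date time author state $"
ID_RE = re.compile(rb"\$Id: (\S+),v (\d+(?:\.\d+)+) [^$\n]*\$")

def extract_ids(blob: bytes) -> dict:
    """Map source file name -> revision tuple for each $Id$ string in blob."""
    return {name.decode(): tuple(int(p) for p in rev.split(b"."))
            for name, rev in ID_RE.findall(blob)}

def comparable(a: tuple, b: tuple) -> bool:
    """Revisions order meaningfully only on one line of development:
    the trunk (1.x) or the same branch prefix (1.18.2.x)."""
    return len(a) == len(b) and a[:-1] == b[:-1]

def plan(installed: bytes, patched: bytes):
    """Return (action, notes); action is 'install', 'skip' or 'refuse'."""
    old, new = extract_ids(installed), extract_ids(patched)
    common = sorted(old.keys() & new.keys())
    if not common:
        return "refuse", ["no $Id$ string shared by both binaries"]
    notes, action = [], "skip"
    for name in common:
        o = ".".join(map(str, old[name]))
        n = ".".join(map(str, new[name]))
        if not comparable(old[name], new[name]):
            return "refuse", [f"{name}: {o} and {n} are on different branches"]
        # Integer tuples, so 1.9 sorts before 1.18 (a string compare would not).
        if new[name] < old[name]:
            return "refuse", [f"{name}: installed {o} is newer than patch {n}"]
        if new[name] > old[name]:
            action = "install"
            notes.append(f"{name}: {o} -> {n}")
    return action, notes

# Constructed sample data standing in for the bytes of real binaries.
INSTALLED = (b"\x7fELF\x00junk$Id: ls.c,v 1.18 1998/01/08 07:30:41 someone Exp $\x00"
             b"$Id: print.c,v 1.9 1997/11/02 10:00:00 someone Exp $\x00")
PATCHED = INSTALLED.replace(b"ls.c,v 1.18 ", b"ls.c,v 1.19 ")
BRANCHED = INSTALLED.replace(b"ls.c,v 1.18 ", b"ls.c,v 1.18.2.1 ")

if __name__ == "__main__":
    for label, (a, b) in {"upgrade": (INSTALLED, PATCHED),
                          "downgrade": (PATCHED, INSTALLED),
                          "same": (INSTALLED, INSTALLED),
                          "branch": (INSTALLED, BRANCHED)}.items():
        print(label, *plan(a, b))
```

The embedded string is not authenticated, so this check only guards against accidents; the signature on the patch is what establishes where it came from.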