From owner-freebsd-security Mon Jul 20 12:05:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA23913 for freebsd-security-outgoing; Mon, 20 Jul 1998 12:05:15 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA23902 for ; Mon, 20 Jul 1998 12:05:09 -0700 (PDT) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org ([205.179.79.65]) by phoenix.volant.org with smtp (Exim 1.92 #8) id 0yyLEw-0004G3-00; Mon, 20 Jul 1998 12:04:50 -0700 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id MAA09610; Mon, 20 Jul 1998 12:04:47 -0700 Date: Mon, 20 Jul 1998 12:04:47 -0700 (PDT) Reply-To: patl@phoenix.volant.org Subject: Re: Automatic updates Was: Why is there no info on the QPOPPER hack? To: Brett Glass cc: security@FreeBSD.ORG In-Reply-To: <199807201740.LAA20525@lariat.lariat.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > At 11:28 AM 7/20/98 -0500, you wrote: > > >You don't expect all of your software to automaticly upgrade for you, do > >you? > > That's a darn good idea. Several Windows apps do this already. Why not > the FreeBSD ports? You obviously haven't seen any of the flack Micro$oft is getting about this 'feature'. Most third parties are recommending turning it off. (The biggest problem seems to be that it doesn't track enough of the system config info to make sure the updated version is actually compatible with the rest of the system.) Also, can you say 'major security hole'? Sure you can. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message