Date: Tue, 18 Jun 2002 18:27:41 -0700 From: Lawrence Sica <lomifeh@earthlink.net> To: security@FreeBSD.ORG Subject: Re: CDs with patched Apache? Message-ID: <3D0FDE0D.2040100@earthlink.net> References: <200206180539.XAA26264@lariat.org> <200206180539.XAA26264@lariat.org> <4.3.2.7.2.20020618033604.00d42aa0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass wrote: > At 12:31 AM 6/18/2002, Kameron Gasso wrote: > > >>Wasn't the fact that -RELEASE branches don't get updated with new packages already discussed extensively in the not-so-distant past? > > > Some folks yelled at me for pointing it out, but alas there was no > real discussion of how to solve the problem. > > >>Although it wouldn't be very glamorous (and I certainly wouldn't reccommend it), the port installed with the latest -RELEASE could be "broken" so it wouldn't download and install without someone forcing it. Still, this wouldn't really encourage them to upgrade their ports tree - it'd more than likely just cause much swearing and force people to work around the problem. > > > It'd still be a warning. Hmmm.... Maybe the warning could be made part > of pkg_add, and/or something that pkg_add executed. It would simply say, > "proceed at your own risk!" > > But if you were installing from CD, you wouldn't be warned. Unless.... > Unless pkg_add phoned home to check on the package. Which is possible > if the machine can be connected to the Net. > This is probably not feasible. I for one when installing from CD do not network the machine until I have done a bunch of other things first to secure it. That is why I use CD's beyond it being quicker and more reliable is so I can setup a box in a secure environment (Not networked). Plus the idea of the CD is to not need/require a network connection. Honestly I never use the CD packages since they will be outdated by the time I use it. --Larry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D0FDE0D.2040100>