Date: Mon, 22 May 2006 11:43:05 +0200 From: Michel Talon <talon@lpthe.jussieu.fr> To: freebsd-stable@freebsd.org Subject: Re: FreeBSD Security Survey Message-ID: <20060522094305.GA70157@lpthe.jussieu.fr>
next in thread | raw e-mail | index | archive | help
>> ports tree in the process, the end result is a bit more undefined. One >> thing that I wish for is that the ports tree would branch for releases, >> and that those branches would get security updates. I know that this >> would involve an exponentially larger amount of effort from the ports >> team, and I don't fault them for not doing it. Still, it would be nice >> to have. > >Yes, totally agree. >That's the way OpenBSD ports tree works and it worked very well for me. >Thus not to say FreeBSD's one didn't, but it takes a lot more attention, >which isn't always a bad thing ;) OpenBSD doesn't have next to 15000 ports. In my opinion, this richness is one of the main assets of FreeBSD, and by necessity implies a great difficulty to maintain everything in a coherent and secure state. You have only to contemplate the years it took to release Debian Sarge to convince yourself. Personnally i am quite pleased with the present state of the FreeBSD ports, i think it is in a much better state than a couple of years before, and for my own use, security is a very secondary issue. People who have machines exposed on the internet usually have a small number of ports installed, and can maintain them in the latest secure version. I have around 600 ports installed on my 6.1 machine, which will certainly grow in time, and no intention whatsoever to run portupgrade on that. -- Michel TALON
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060522094305.GA70157>