Date: Wed, 15 Nov 2000 14:00:02 -0800 From: Kris Kennaway <kris@FreeBSD.ORG> To: Igor Roshchin <str@giganda.komkon.org> Cc: kris@FreeBSD.ORG, rraykov@sageian.com, security@FreeBSD.ORG Subject: Re: problem using sysinstall Message-ID: <20001115140002.B22524@citusc17.usc.edu> In-Reply-To: <200011152148.QAA88899@giganda.komkon.org>; from str@giganda.komkon.org on Wed, Nov 15, 2000 at 04:48:39PM -0500 References: <20001115131226.A21677@citusc17.usc.edu> <200011152148.QAA88899@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--O5XBE6gyVG5Rl6Rj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Nov 15, 2000 at 04:48:39PM -0500, Igor Roshchin wrote: > Well, although we all understand what is "The Good Thing", > the reality of life makes us to do some compromises. > I believe, several (I would even say `many' ) > people on this list have done upgrades=20 > (either via "make world" or via sysinstall) a) remotely Many people like to jump out of planes for thrills, too :-) > What can be done about it ? > 1. Obvious way: Make a statement "This is a BAD thing", > so if you do it, it's your problem. > (I am not criticizing or flaming anybody here.) Already done :) > 2. May be keep such possibilities (multiuser-mode upgrade) The problem is endemic to what sysinstall is doing. Installing the bin distribution overwrites /etc, which resets settings to the default. Theres no way to keep your system secure until you go back and merge your changes. Thats why you have to make it appropriately single-user until you've done that step. Kris --O5XBE6gyVG5Rl6Rj Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (FreeBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoTB18ACgkQWry0BWjoQKUURACfWGgrhI59QKx/79k8v1ttoseb HZEAnAsvXBvIuhIQbjlwlKw1LrzHmqeY =jO+l -----END PGP SIGNATURE----- --O5XBE6gyVG5Rl6Rj-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001115140002.B22524>