Date: Thu, 25 May 2006 01:25:19 -0400 From: Allen <slackwarewolf@comcast.net> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Survey Message-ID: <20060525012519.4e4e626d@hydrocodone.org> In-Reply-To: <p06230905c09a5acceffb@[128.113.24.47]> References: <20060523120100.37D2B16A54F@hub.freebsd.org> <20060523083944.H96736@eboyr.pbz> <20060523160051.GA78620@kierun.org> <44741A43.40302@kernel32.de> <20060524144537.46463a90@hydrocodone.org> <p06230905c09a5acceffb@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 May 2006 15:40:23 -0400 Garance A Drosihn <drosih@rpi.edu> wrote: > At 2:45 PM -0400 5/24/06, Allen wrote: > > > > > > It really depends on how many machines you have, on how > > > many different tasks they have and on which archictures > > > you're running. > > > > >> The answer is: build host + jails for a testing environment... > >> This'll reduce your actual downtime. > >> > > > >Did you just tell him to get another computer for each arch > >to have as a build machine??? > > > >Being a broke college student I don't think that's something > >I'd ever do to install updates on my boxes. I can't afford > >another computer just to build updates when every other OS > >I use does updates in another way.... > > If you are a college student with a few machines that > you work with, then you can afford some downtime. > > Note that the person was talking about the problems of > doing source updates on TEN machines. If you own ten > machines, and if all of those ten machines must have zero > downtime and rock-solid reliability, then you really > have to find the money for an eleventh machine. That is > just the cost of doing business. Find the money to do > the job right, or expect to go out of business the first > day that Murphy's Law comes knockin' at your door. > > That issue of ten or more machines is completely separate > from the issue of how well the ports collection itself > should work, of course. But you can't complain about > the cost of one machine *WHEN* you are moaning about the > problems of owning ten machines which must be up 24/7. > > "Pity the poor college student, with their personally- > owned data center of 50 machines split across five > different architectures." Uh, no. I won't. Anyone > who can afford that much hardware has more money than > I do! > Yes, I can afford down time. There is one thing I've kept with me in my two years of using Unix / Linux / BSD: It's better to bring a machine down or reboot because you're installing updates, than to do so because you were rooted with an exploit that a patch was released for 3 months ago.. Served me well. As I've said, I will continue to not only use, but support FreeBSD, no matter if they take my ideas or not. It doesn't matter, I'll use it anyway and continue to buy the CD sets and the books and the shirts, the stickers, and even the boxers (Comfy boxers by the way) because I believe in it. I'd just like to be able to have the option of installing fixes the way Linux does because then you don't need a build box. And you don't need to take a machine down for a while as you're installing them. I'm not saying dump the current system, not even close, I'm just saying it would be nice to have the option to install patches like slackware at least. IF I was a good programmer I'd be working on that now, but, I have very little coding skill. I can do some very little Perl, and I'm working on learning C because I want to help with FreeBSD and Linux. And because I'd never really be bored. I mean seriously, a pot of coffee or a case of RedBull and a BSD or Linux box, you don't even need X if you know how to code, you'd be able to do something. It's one of my goals in life, to be a Unix wizard. Which is of course why I've chosen Perl and C. Perl was made for Unix and so was C. Anyway I'm rambling on. So my idea is that for.... Hmm I counted a good number of people, who said they don't install patches because it just takes to much time. That's a lot of people, considering not everyone is going to reply, and not everyone who uses it is on thie list... And that's dangerous considering what someone can do to an un patched machine. So for those people and me who can't really spend a day or so doing updates, I'd just like it if Free BSD had a system in place (Which could be added to sysinstall) where you can sit down, use wget to grab some patches, and then either use upgradepkg or an app similar to it, to install the patch. It would save a LOT of time, and people would be more likely to install patches who don't now. The people who install their patches right now aren't going to care. They would most likely continue using what they do now... The people who said they won't install them probably would because it would be easier to do, and hell you could even make a little Perl script that checkes a BSD update server each night for new updates and then grabs and installs them. I'd love that. I'm sure I'm not alone. And as I've said before, I'm not comparing FreeBSD to Slackware, but I don't think it's any secret that Slackware loves FreeBSD. FreeBsdmall and the Slackware store, if you make an order from both, they come in the same box! Each semester I get some cash from my college, I use it for things I need, and so I blew 700 dollars at FreeBSDmall and the Slackware store. I paid extra for the overnight and second day shipping, and the next day, not even 20 hours after I placed my order, it was at my house. Both of them. in the same box. -Allen > -- > Garance Alistair Drosehn = gad@gilead.netel.rpi.edu > Senior Systems Programmer or gad@freebsd.org > Rensselaer Polytechnic Institute or drosih@rpi.edu > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060525012519.4e4e626d>