Date: Thu, 25 May 2006 15:19:20 -0400 From: Garance A Drosihn <drosih@rpi.edu> To: Yann Golanski <yann@kierun.org> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Survey Message-ID: <p06230904c09ba2682cb3@[128.113.24.47]> In-Reply-To: <20060525082821.GA93011@kierun.org> References: <20060523120100.37D2B16A54F@hub.freebsd.org> <20060523083944.H96736@eboyr.pbz> <20060523160051.GA78620@kierun.org> <44741A43.40302@kernel32.de> <20060524144537.46463a90@hydrocodone.org> <p06230905c09a5acceffb@[128.113.24.47]> <20060525082821.GA93011@kierun.org>
next in thread | previous in thread | raw e-mail | index | archive | help
At 9:28 AM +0100 5/25/06, Yann Golanski wrote: >Quoth Garance A Drosihn on Wed, May 24, 2006 at 15:40:23 -0400 >> >> The answer is: build host + jails for a testing environment... > > >> This'll reduce your actual downtime. > > > > > > Did you just tell him to get another computer for > > > each arch to have as a build machine??? > > > > > > Being a broke college student I don't think that's > > > something I'd ever do to install updates on my boxes. > > > I can't afford another computer just to build updates > > > when every other OS I use does updates in another way.... > > >> If you are a college student with a few machines that >> you work with, then you can afford some downtime. > >Why? Just because I am from a mathematics department >with no money for hardware at all does not mean that >our VLE does not have to run all the time. Because if you have many machines which have to be up 100% of the time, then the ports collection is not the only thing which is going to haunt you. The ports collection can be improved upon, of course, but even a perfect ports collection will not solve all the problems of running a large collection of mission-critical computers. What I am saying is that the message which said "Buy another machine" was *NOT* directed to every single user of the ports collection. It was merely advice to anyone who has a large collection of hardware that they need to keep running all the time. There are several unavoidable costs to running computers 24/7. Those costs do not disappear simply because you have no budget. If someone "can not afford downtime", then they have to find a budget to cover those expenses. That is just friendly advice from people who *DO* run lots of computers. There are many things that can go wrong, most of which have nothing to do with the ports collection. Also note that the advice (which is still in the above quote) included the idea of using jails for testing the ports-environment changes. So, the advice didn't even demand that *anyone* had to buy new hardware. This thread started because *Colin* set up a security survey. He *already* realizes that the project needs to do something so that more people are willing and able to apply security fixes once the project comes up with them. So don't go all pouty and claim that no one here appreciates your situation. Many people work very hard to provide the operating system and ports collection for *NO COST*, so don't pretend that we're some greedy bastards who are insensitive to your zero budget. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?p06230904c09ba2682cb3>