From owner-freebsd-security  Wed May 15 12:50:52 2002
Delivered-To: freebsd-security@freebsd.org
Received: from user205.net239.fl.sprint-hsd.net (user205.net239.fl.sprint-hsd.net [209.26.20.205])
	by hub.freebsd.org (Postfix) with SMTP id DA48137B40F
	for <security@freebsd.org>; Wed, 15 May 2002 12:50:10 -0700 (PDT)
Received: (qmail 30603 invoked by uid 85); 15 May 2002 19:50:21 -0000
Received: from scorpio@drkshdw.org by scorpio.DrkShdw.org
	 by uid 89 with qmail-scanner-1.10 (uvscan: v4.1.60/v4199. . Clear:0. Processed in 0.804553 secs); 15 May 2002 19:50:21 -0000
Received: from jeff.home.lan (HELO jeffrey.drkshdw.org) (192.168.134.2)
  by user205.net239.fl.sprint-hsd.net with SMTP; 15 May 2002 19:50:19 -0000
Message-Id: <5.1.0.14.0.20020515154731.00b5e870@mail.drkshdw.org>
X-Sender: scorpio@mail.drkshdw.org
X-Mailer: QUALCOMM Windows Eudora Version 5.1
Date: Wed, 15 May 2002 15:51:38 -0400
To: security@freebsd.org
From: Jeff Palmer <scorpio@drkshdw.org>
Subject: Re: Patch/Announcement for DHCPD remote root hole?
In-Reply-To: <4.3.2.7.2.20020515132552.0313bbb0@nospam.lariat.org>
References: <20020515120324.E69211@switchblade.cyberpunkz.org>
 <4.3.2.7.2.20020515101500.00e7fee0@nospam.lariat.org>
 <4.3.2.7.2.20020509175155.024efc00@nospam.lariat.org>
 <4.3.2.7.2.20020509175155.024efc00@nospam.lariat.org>
 <20020515105453K.matusita@jp.FreeBSD.org>
 <4.3.2.7.2.20020515101500.00e7fee0@nospam.lariat.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org



 >CVSup is a programmer's tool, not an administrator's tool. And it is
 >certainly not a tool for newcomers. It makes the learning curve far
 >too steep -- especially if the person doing the install is just learning
 >UNIX. Use of CVSup should not be necessary to do a secure install of
 >the system.


If CVSup is a programmers tool, and not an administrators tool..
How is one supposed to keep his system updated and secure AFTER the initial 
install?
How is one supposed to update to the latest branch, after the initial install.

Sure, for security problems, You can just use supplied patches,
However.. patches are typically only released for security related issues, 
not for average bugs.

Saying that CVSup isn't an administrators tool, is a little narrow minded, 
and a lot unreasonable in my opinion.  Part of being an administrator 
involves keeping the system up to date.

Jeff Palmer
scorpio@drkshdw.org




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message