From owner-freebsd-security  Mon Oct  2 21:36:14 2000
Delivered-To: freebsd-security@freebsd.org
Received: from ns.yogotech.com (ns.yogotech.com [206.127.123.66])
	by hub.freebsd.org (Postfix) with ESMTP id F114437B503
	for <security@FreeBSD.ORG>; Mon,  2 Oct 2000 21:36:11 -0700 (PDT)
Received: from nomad.yogotech.com (nomad.yogotech.com [206.127.123.131])
	by ns.yogotech.com (8.9.3/8.9.3) with ESMTP id WAA16491;
	Mon, 2 Oct 2000 22:36:11 -0600 (MDT)
	(envelope-from nate@nomad.yogotech.com)
Received: (from nate@localhost)
	by nomad.yogotech.com (8.8.8/8.8.8) id WAA21079;
	Mon, 2 Oct 2000 22:36:10 -0600 (MDT)
	(envelope-from nate)
Date: Mon, 2 Oct 2000 22:36:10 -0600 (MDT)
Message-Id: <200010030436.WAA21079@nomad.yogotech.com>
From: Nate Williams <nate@yogotech.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To: Roger Marquis <marquis@roble.com>
Cc: security@FreeBSD.ORG
Subject: Re: ftpd bug in FreeBSD through at least 3.4
In-Reply-To: <Pine.GSO.3.96.1001002183337.17394A-100000@roble2.roble.com>
References: <Pine.GSO.3.96.1001002183337.17394A-100000@roble2.roble.com>
X-Mailer: VM 6.34 under 19.16 "Lille" XEmacs Lucid
Reply-To: nate@yogotech.com (Nate Williams)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> Operating Systems like FreeBSD, lacking much in the way of backwards
> compatibility, must be babied through frequent upgrades with lots of
> skilled systems administration.

Huh?  I've got FreeBSD 1.1 binaries running on boxes that are 6-7 years
old.  I don't understand the issues about 'lacking backwards
compatability'.  Just recently my 5 year old uemacs binary failed on
freefall because they (finally) deleted the shared libraries it used.  I
could make it work by bringing in the libraries, but it was *easier*
just to upgrade to a newer binary.

> Commercial Unix vendors like Sun, on the other hand, only need to be
> upgraded every few years thanks to their extensive patch support.

*Yeah*  Suffice it to say I disagree, since Sun boxes used on the
Internet *must* be upgraded to the latest/greatest version of SunOS if
you intend on being truly secure.

And, you end up having to roll your own versions of the software,
because too often the software on them is so out-dated and buggy that
it's easier to do it yourself than rely on Sun.

> Backwards compatibility is often maintained across several major
> revisions saving hundreds of hours of maintenance in some cases.

See above.

> We're still using some Sun binaries compiled 10 and 11 years ago!

If FreeBSD were that old, I could say the same thing.  Give me a couple
of years. :)

> Think of how many times you've had to recompiled FreeBSD binaries in
> just the last couple of years.

If you're recompiling the binaries because you *had* to, then you're
misinformed.  You get to recompile them, but you certainly dont' have
to.


Nate


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message