From owner-freebsd-chat Fri Nov 22 18:24:34 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4C7837B401 for ; Fri, 22 Nov 2002 18:24:33 -0800 (PST) Received: from freebie.atkielski.com (ASt-Lambert-101-2-1-14.abo.wanadoo.fr [193.251.59.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8FDAC43E88 for ; Fri, 22 Nov 2002 18:24:32 -0800 (PST) (envelope-from anthony@freebie.atkielski.com) Received: from contactdish (contactdish.atkielski.com [10.0.0.10]) by freebie.atkielski.com (8.11.3/8.11.3) with SMTP id gAN2OV980629 for ; Sat, 23 Nov 2002 03:24:31 +0100 (CET) (envelope-from anthony@freebie.atkielski.com) Message-ID: <014901c29297$74dc8040$0a00000a@atkielski.com> From: "Anthony Atkielski" To: "FreeBSD Chat" References: <20021116232242.S23359-100000@hub.org> <04f801c28e20$0a3665b0$0a00000a@atkielski.com> <10525754683.20021123004206@dds.nl> Subject: Re: Re[2]: FreeBSD: Server or Desktop OS? Date: Sat, 23 Nov 2002 03:24:31 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2720.3000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Alex writes: > This policy doesn't help against security bugs. You can apply patches to correct security bugs, or you can configure your system so that bugs are not relevant for your application. > Only a couple of development tries are (officially) > supported. All a cracker would have to do is read > the bug warnings and use a good one to gain access to > you system. Most security bugs are never exploited. Whether or not one fixes every single bug is a matter of judgement; it may not be risk- or cost-justified to fix a security bug if it means upgrading or replacing the entire operating system. Additionally, if bugs are very numerous, it might be worthwhile to consider changing vendors. > I feel that a good production server should not > be CURRENT or STABLE but the latest RELEASE on > the STABLE tree, unless you got a good reason not to. Having to upgrade 8000 of them at once is often a good reason not to. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message