From owner-freebsd-arch@FreeBSD.ORG Thu May 24 07:27:26 2007 Return-Path: X-Original-To: freebsd-arch@freebsd.org Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 62B5416A469 for ; Thu, 24 May 2007 07:27:26 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd2mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.freebsd.org (Postfix) with ESMTP id 3C4F313C46C for ; Thu, 24 May 2007 07:27:26 +0000 (UTC) (envelope-from cperciva@freebsd.org) Received: from pd3mr4so.prod.shaw.ca (pd3mr4so-qfe3.prod.shaw.ca [10.0.141.180]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0JIJ00CXKBDM4W60@l-daemon> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:27:22 -0600 (MDT) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd3mr4so.prod.shaw.ca (Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006)) with ESMTP id <0JIJ003AYBDLN241@pd3mr4so.prod.shaw.ca> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:27:22 -0600 (MDT) Received: from hexahedron.daemonology.net ([24.82.18.31]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with SMTP id <0JIJ001ZBBDK7W71@l-daemon> for freebsd-arch@freebsd.org; Thu, 24 May 2007 01:27:21 -0600 (MDT) Received: (qmail 4193 invoked from network); Thu, 24 May 2007 07:27:06 +0000 Received: from unknown (HELO hexahedron.daemonology.net) (127.0.0.1) by localhost with SMTP; Thu, 24 May 2007 07:27:06 +0000 Date: Thu, 24 May 2007 00:27:06 -0700 From: Colin Percival In-reply-to: <20070524071906.GB80416@xor.obsecurity.org> To: Kris Kennaway Message-id: <46553E4A.1060008@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Enigmail-Version: 0.95.0 References: <46546E16.9070707@freebsd.org> <7158.1179947572@critter.freebsd.dk> <20070523213251.GA14733@keltia.freenix.fr> <20070523.161038.-1989860747.imp@bsdimp.com> <46553A6B.7070904@freebsd.org> <20070524071906.GB80416@xor.obsecurity.org> User-Agent: Thunderbird 2.0.0.0 (X11/20070511) Cc: freebsd-arch@freebsd.org Subject: Re: RFC: Removing file(1)+libmagic(3) from the base system X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2007 07:27:26 -0000 Kris Kennaway wrote: > On Thu, May 24, 2007 at 12:10:35AM -0700, Colin Percival wrote: >> Interestingly, my experience from portsnap is that people tend to update >> ports more frequently than they apply security patches to the base system. > > ...with freebsd update. Important qualification. No, I was looking at version numbers reported by portsnap: Over half of the systems running FreeBSD 6.0 or FreeBSD 6.1 are still running the RELEASE with no security patches (or no kernel patches, at least), while systems running old versions of portsnap were upgraded to newer versions of portsnap far more quickly. Admittedly, there is a bias here in that people running portsnap are likely to be more interested in updating their installed ports than most FreeBSD users; but I still think it's a significant difference. Colin Percival