Date: Thu, 18 Apr 2002 21:24:45 -0500 From: D J Hawkey Jr <hawkeyd@visi.com> To: Brett Glass <brett@lariat.org> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <20020418212445.A1577@sheol.localdomain> In-Reply-To: <4.3.2.7.2.20020418200936.023fedd0@nospam.lariat.org>; from brett@lariat.org on Thu, Apr 18, 2002 at 08:12:47PM -0600 References: <4.3.2.7.2.20020418141843.021d1540_nospam.lariat.org@ns.sol.net> <20020418182218.GA35672_peitho.fxp.org@ns.sol.net> <4.3.2.7.2.20020418141843.021d1540_nospam.lariat.org@ns.sol.net> <200204190149.g3J1nOb01496@sheol.localdomain> <4.3.2.7.2.20020418200936.023fedd0@nospam.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 18, at 08:12 PM, Brett Glass wrote:
>
> At 07:49 PM 4/18/2002, D J Hawkey Jr wrote:
>
> >OK, I believe it was mentioned already, but was rather glossed over:
> >
> >For any one "snapshot", be it a major.minor-RELEASE, or -RELEASE-pN,
> >have you - or anyone - any idea just how many snapshots would be required?
>
> One.
>
> >Some systems are IDE/ATAPI, others are SCSI, some are both, and some are
> >RAID. You want a snapshot kernel supporting all that, if yours is just
> >an internet gateway? What're the possible permutations of supported DASD?
>
> I'm afraid I don't understand. What are you talking about?
>
> >What are the possible permutations of NICs?
> >
> >What of optimizations for particular CPUs?
> >
> >So, how many kernels should be "snaphot"d? And who's to make that call?
>
> You obviously misunderstand what we've been referring to when we use
> the word "snapshot." A "snapshot," in this context, is a build of FreeBSD
> from a particular day's sources.
No, I think I do understand. Would not that "snapshot" include the kernel?
If so, what would you like that kernel to be configured as when the snapshot
is taken? Do you think it'd be the same requirements as that of the majority
of others? Even a large minority? How about a small majority?
The kernel not withstanding, what about CPU capabilities? What if the OS
was built with code that uses SSE, but your CPU doesn't support SSE? This
pro'lly isn't a reality [right now], but you get my drift, don't you?
Would you really want an OS built for the lowest common denominator as the
one you install on your production servers, much less your desktop?
> --Brett
Dave
--
______________________ ______________________
\__________________ \ D. J. HAWKEY JR. / __________________/
\________________/\ hawkeyd@visi.com /\________________/
http://www.visi.com/~hawkeyd/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020418212445.A1577>