Date: Fri, 18 Jun 1999 06:36:22 -0500 (CDT) From: Joe Greco <jgreco@ns.sol.net> To: synk@swcp.com (Brendan Conoboy) Cc: security@freebsd.org Subject: Re: make world clobbers (was Re: some nice advice...) Message-ID: <199906181136.GAA43699@aurora.sol.net> In-Reply-To: <199906180511.XAA15842@kitsune.swcp.com> from Brendan Conoboy at "Jun 17, 1999 11:11: 6 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> > By definition, one isn't too interested in running "make world" on an > > application-server-platform class machine. You're looking for a platform > > on which to run some application, and about the only thing you'll ever > > need to patch would be the kernel. Anything else (bugs in userland) is > > merely an annoyance that you can live with because you didn't need any of > > that stuff anyways. And if you _do_ need to upgrade, you'll do it from > > a binary distribution, not from source, because you can't really afford > > to have your application server offline for the unnecessary luxury of > > building the world. > > Er, don't you upgrade from source when there's a security problem in > userland but no new binary distribution? I do. No. There are few such issues that can matter in a properly secured system (you can't exploit suid programs that are missing the suid bit, for example) and almost every other problem has some other trivial workaround. I can't think of a case in recent times where this isn't true... ... Joe ------------------------------------------------------------------------------- Joe Greco - Systems Administrator jgreco@ns.sol.net Solaria Public Access UNIX - Milwaukee, WI 414/342-4847 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906181136.GAA43699>