Date: Fri, 18 Jun 1999 13:07:46 -0600 From: Wes Peters <wes@softweyr.com> To: Brendan Conoboy <synk@swcp.com> Cc: jgreco@ns.sol.net, security@FreeBSD.ORG Subject: Re: make world clobbers (was Re: some nice advice...) Message-ID: <376A9902.6E5094CD@softweyr.com> References: <199906180511.XAA15842@kitsune.swcp.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Brendan Conoboy wrote:
>
> > By definition, one isn't too interested in running "make world" on an
> > application-server-platform class machine. You're looking for a platform
> > on which to run some application, and about the only thing you'll ever
> > need to patch would be the kernel. Anything else (bugs in userland) is
> > merely an annoyance that you can live with because you didn't need any of
> > that stuff anyways. And if you _do_ need to upgrade, you'll do it from
> > a binary distribution, not from source, because you can't really afford
> > to have your application server offline for the unnecessary luxury of
> > building the world.
>
> Er, don't you upgrade from source when there's a security problem in
> userland but no new binary distribution? I do.
Good grief, no! *IF* the bug is in a service that you are using,
you update the source, build and test the new service on an off-line
workstation or server, and when you're certain the changes are
reliable, move the new binaries to the target server.
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.softweyr.com/~softweyr wes@softweyr.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?376A9902.6E5094CD>