From owner-freebsd-stable Wed May 16 14:10:20 2001 Delivered-To: freebsd-stable@freebsd.org Received: from maile.telia.com (maile.telia.com [194.22.190.16]) by hub.freebsd.org (Postfix) with ESMTP id 9865337B422 for ; Wed, 16 May 2001 14:10:13 -0700 (PDT) (envelope-from ertr1013@student.uu.se) Received: from d1o913.telia.com (d1o913.telia.com [195.252.44.241]) by maile.telia.com (8.11.2/8.11.0) with ESMTP id f4GLAAi01220 for ; Wed, 16 May 2001 23:10:10 +0200 (CEST) Received: from ertr1013.student.uu.se (h185n2fls20o913.telia.com [212.181.163.185]) by d1o913.telia.com (8.8.8/8.8.8) with SMTP id XAA24474 for ; Wed, 16 May 2001 23:10:08 +0200 (CEST) Received: (qmail 69686 invoked by uid 1001); 16 May 2001 21:10:06 -0000 Date: Wed, 16 May 2001 23:10:05 +0200 From: Erik Trulsson To: stable@FreeBSD.ORG Subject: Re: Old compiler (3.3-stable -> 4->stable) Message-ID: <20010516231005.A69667@student.uu.se> Mail-Followup-To: stable@FreeBSD.ORG References: <20010516004223.A800@iv.nn.kiev.ua> <20010516232828.A411@iv.nn.kiev.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010516232828.A411@iv.nn.kiev.ua>; from netch@iv.nn.kiev.ua on Wed, May 16, 2001 at 11:28:28PM +0300 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, May 16, 2001 at 11:28:28PM +0300, Valentin Nechayev wrote: > Wed, May 16, 2001 at 11:41:59, avn (Alexey V. Neyman) wrote about "Re: Old compiler (3.3-stable -> 4->stable)": > > > >It is better now to do binary upgrade from 3.x to 4.3, if your Internet > > >connection allows to download `bin' package (~50M). (But for mergemaster > > >you must untar or cvsup full sources.) Upgrade via `make world' will > > >fail in too many places, such as perl, gperf & groff, kernel... > > I found the following sequence to be rather fail-safe: > > 3.5.1-R -> 4.2-R -> 4.3-S, I tested it a few times and it have not failed > > me. > > Of course, but is upgrade from source such important to you, preferrable > than having secure system? 4.2-R is insecure, and you must use one additional > make_world step which makes your system containing well-known holes > for a few hours. I don't discuss here possibility of such way, but say > that binary upgrade is better now. You could of course just disconnect the machine during the make world. Then any security holes shouldn't matter. For a slightly less drastic option you could just avoid running any network daemons during the intermediate steps. If nothing listens for a connection it should be fairly safe. > > One can also compare this with the way needed to upgrade via make > world chain from 2.2 to 4.3: one of the steps is 3.0, which is both > insecure and unstable. I don't know any server in my epsilon environ > which was upgraded from 2.2 in such way. Only binary upgrades. > Personally I have never done any binary upgrades on my systems but only source upgrades. I don't really trust a binary upgrade to DTRT. But that is me and if it works for you, fine. -- Erik Trulsson ertr1013@student.uu.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message