Date: Mon, 2 Oct 2000 09:07:42 +0200 From: "Andreas Alderud" <aaldv97@student.vxu.se> To: <security@FreeBSD.ORG> Subject: Re: Security and FreeBSD, my overall perspective Message-ID: <001101c02c3f$754a76b0$6400a8c0@XGod>
next in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: >> I think it would be wise to have three ports of the ``same´´ package. >> My idea is to have lets say -SECURE, -STABLE - and CURRENT (the same could >> be done with FreeBSD itself). > >I don't understand what you're trying to say here. The ports >collection isn't branched into -stable and -current versions, and I >don't see any real benefits to doing that. It should work the same with both. I know, but that was not what I ment. I want ported application, where possible and/or needed, to have -SECURE, -STABLE - and -CURRENT version tag. Some people don't want to run the current of the software, they want to build and run the latest stable version, but in most cases it is no longer availbe, like with the Blackbox WM port for example. The latest stable verion of Blackbox is 0.51.3.1 but the only version available in FreeBSD 4.1.1 is 0.61.0. If we stretch this argument further, I as an OpenBSD user, like the fact that in the version I run, i.e. 2.6, they still use bind4 because it's not only proven stable, but also secure. Therefor it should be possible to have a, quite a bit larger tree of ports, without almost any extra work, that pleases everybody from security freaks to people who like to stand firmly on the ground but be quite up to date, and the people who like to live on the bleeding edge. I'm sure this could be done with FreeBSD itself, once a -SECURE version, of lets say 4.1.1, is available it would only be updated for security fixes not the feature patches that the -STABLE version now enjoys. Same thing here, wouldn't take that much extra effort. >> The real advantage of this would be if the BSDs would have a unified ports >> system, as proposed by Chris Coleman, and incorperate the ideas of Jordans >> paper on the future package system. [...] > >This doesn't sound relevant to the current FreeBSD ports collection - >if OpenPackages want to stratify their ports collection, they can do >what they like :-) Yep, but it's time to update to package system. http://people.freebsd.org/~jkh/package-and-install.txt /Kind regards, David A. Alderud To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001101c02c3f$754a76b0$6400a8c0>