From owner-freebsd-security Mon May 20 13:50:14 2002 Delivered-To: freebsd-security@freebsd.org Received: from bran.mc.mpls.visi.com (bran.mc.mpls.visi.com [208.42.156.103]) by hub.freebsd.org (Postfix) with ESMTP id E6E2C37B403; Mon, 20 May 2002 13:50:05 -0700 (PDT) Received: from sheol.localdomain (hawkeyd-fw.dsl.visi.com [208.42.101.193]) by bran.mc.mpls.visi.com (Postfix) with ESMTP id D5EEB4A58; Mon, 20 May 2002 15:50:04 -0500 (CDT) Received: (from hawkeyd@localhost) by sheol.localdomain (8.11.6/8.11.6) id g4KKo0a63470; Mon, 20 May 2002 15:50:00 -0500 (CDT) (envelope-from hawkeyd) Date: Mon, 20 May 2002 15:50:00 -0500 From: D J Hawkey Jr To: Maxim Sobolev Cc: freebsd-security@FreeBSD.org Subject: Re: Is 4.3 security branch officially "out of commission"? Message-ID: <20020520155000.A63427@sheol.localdomain> Reply-To: hawkeyd@visi.com References: <200205201008.g4KA8uKl000787_midway.uchicago.edu@ns.sol.net> <3CE8D057.BEA07F0_FreeBSD.org@ns.sol.net> <200205201510.g4KFAes00586@sheol.localdomain> <3CE93172.F9E3954A@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <3CE93172.F9E3954A@FreeBSD.org>; from sobomax@FreeBSD.org on Mon, May 20, 2002 at 08:25:06PM +0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On May 20, at 08:25 PM, Maxim Sobolev wrote: > > D J Hawkey Jr wrote: > > > > > What is the official procedure when somebody not from the security > > > team want to maintain older releases? For example, as I said there is > > > significant push from the local community to merge recent security > > > fixes into older releases, so that it is likely that they could > > > provide to me with tested patches for older releases they are > > > interested in. May I merge them into 4.3 security branch without my > > > commit bit being suspended for inappropriate MFCs into security > > > branch? > > > > > > -Maxim > > > > Quite apart from what Jacques an Kris lay down as the Official Party > > Line(tm), you might want to look at > > > > http://www.visi.com/~hawkeyd/freebsd-backports.html > > > > It's my own small effort to provide what you - and I - are looking for. > > Nice, thank you for the pointer. While I like the idea, but I think > that implementation is somewhat suboptimal for you and for all who > might use this service, as over the time number of patches will grow > and interdependencies between those patches will become more and more > complex. Agreed. To a small degree, it already has. > In my vision the better way would be to set-up cvs repositiry and > cvsup service on top it, then import FreeBSD releases onto vendor > branches, set up branches with exactly the same names as FreeBSD's > original oned (i.e. RELENG_4_1_0, RELENG_4_2_0 etc) and apply your > backported patches to those brahches. Then, someone with the existing > already unsupported FreeBSD source tree could point his cvsup to your > server and get *all* backported fixes for his particular version. Of > course there should be list of such fixes, prefferable in the cvs > itself, so that people could verify which fixes did they get. This would be a better solution, indeed. But, from my own narrow point- of-view, - This widens the scope of what I'm already providing. That is, my stuff confines itself to the kernel. As the introduction states, it's geared to those who cannot or will not build their world. I chose that rather narrow focus because: - I have neither the DASD, the bandwidth, nor the time, to pull this off as it should be done, though I do have a desire to so. - Real Life(tm) is more demanding than Virtual Life(tm) right now. > If you are interested, I'm ready to help you with setting this up. May be another season or so... > Thanks! > -Maxim Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message