Date: Tue, 30 Apr 2013 00:24:15 -0400 From: Glen Barber <gjb@FreeBSD.org> To: Brett Glass <brett@lariat.net> Cc: freebsd-security@FreeBSD.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-13:05.nfsserver Message-ID: <20130430042415.GG1588@glenbarber.us> In-Reply-To: <201304300416.WAA20729@lariat.net> References: <201304292055.r3TKtcEs039958@freefall.freebsd.org> <201304292208.QAA16119@lariat.net> <20130430034603.GF1588@glenbarber.us> <201304300416.WAA20729@lariat.net>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] On Mon, Apr 29, 2013 at 10:16:43PM -0600, Brett Glass wrote: > At 09:46 PM 4/29/2013, Glen Barber wrote: > > >This has _always_ been the case with freebsd-update(8). > > Should it be? Yes. freebsd-update(8) does not, and cannot, know of custom kernel configurations. > It seems to me that the current behavior > > a) Violates POLA; and > Wrong. Users that build a custom kernel are responsible for maintaining the custom kernel for upgrades. > b) Puts any system with a custom kernel at serious risk if > surgery and/or a kernel rebuild is not done prior to the > next reboot. If there's a power failure, the system may > well not come up. Wrong. Previous statement applies. Glen [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iQEcBAEBCAAGBQJRf0dvAAoJEFJPDDeguUajoO8H/2lYpy4aXLNsROVGHxjYWCno N/D7HJHZ45DZgLCjXhTYAQ/AR+wiWQv9JAt7t6BAhnXJaK0MP2HgOcKSWlmjHjM3 29SkAh0RmTsQWDxtY5uTV8QCEEcQf31y/56n/gqSv6OS11aDy6jHLu1cCy6dSgHX aTqpHdTpmKL4qvzF4HhkRFqGiFOKVtHxPOfzFk/HZrMM3rTU/kfdkXhZhYrXJ0s0 Ib+PoNEOebTtqpGNYnb27EPKYIDhvYfRD/URdmaYVZj2oKZvL/+FqrVYQ2d3iX5Q XYguLfDcazg1j9/QdVxeDrKQ8XggRJtdrb+BHvCwrWLSUoyYn5BJOjqkdcPoUB0= =sWl3 -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130430042415.GG1588>