Date:      18 Apr 2002 15:41:40 -0700
From:      Ken McGlothlen <mcglk@artlogix.com>
To:        Roger Marquis <marquis@roble.com>
Cc:        security@FreeBSD.ORG
Subject:   Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip
Message-ID:  <87zo0039zv.fsf@ralf.artlogix.com>
In-Reply-To: <20020418134015.D47205-100000@roble.com>
References:  <20020418134015.D47205-100000@roble.com>

Roger Marquis <marquis@roble.com> writes:

| Solaris' patch and package subsystems are considerably better designed (i.e.,
| anal) and the patches are far more thoroughly tested than you'll find in
| FreeBSD.

Of course.  Sun has much, much more control over the hardware.  I don't know
that they're particularly better designed (things might have changed in the
last three years since I've been off Solaris, though), but they're certainly
better tested on the sort of hardware it's likely to run on.

But even it's not perfect.  I remember a SunOS patch some years ago that had
the community up in arms.  Sun was pretty embarrassed about that.

| This is a core difference between much free and commercial software and it
| doesn't appear likely to change any time soon (especially given the responses
| to Brett's wholly accurate observations).

Well, if you are willing to contribute monetarily, I'm sure someone in the
FreeBSD camp would be willing to write a better one.  After all, you don't seem
very hesitant to contribute to Sun; perhaps if FreeBSD got some of your budget,
some of the tools most important to you would move up on the priority chain.

| The development-oriented readers of -security, good as their coding skills
| are (and they are the best), simply don't have the admin or management
| experience necessary to understand a risk-analysis with this level of
| distinction much less the time or inclination to write the necessary code or
| implement supporting procedures.

I completely disagree with this, save one item:  it's a matter of time.  The
effort is largely volunteer in nature.  Many of us have been admins or coders
for years (nearly fifteen years Unix administration for me), and we're aware of
the problems and shortcomings of the open-source movement.  Believe me, there
are definitely things I'd like to see improved as well---but *I* don't have the
time to code it, either.  If someone were willing to pay me to swot up package-
and release-management code, I'd consider it.

If you're not comfortable with contributing to FreeBSD development on that
level, or its shortcomings are too great, you're probably better off with
Solaris.
