Date: Thu, 5 May 2016 12:14:30 -0700 (PDT) From: Roger Marquis <marquis@roble.com> To: Steven Hartland <killing@multiplay.co.uk> Cc: freebsd-security@freebsd.org Subject: Re: Batching errata & advisories in heaps degrades security. In-Reply-To: <3930e03c-f81b-1366-6c76-20549768cfe4@multiplay.co.uk> References: <201605051625.u45GPODc084944@fire.js.berklix.net> <3930e03c-f81b-1366-6c76-20549768cfe4@multiplay.co.uk>
| previous in thread | raw e-mail | index | archive | help
> Totally the opposite, it means one rollout instead of X rollouts making it > simpler not harder. I don't know, isn't that the logic behind Microsoft's failed patch-Tuesdays? It's important not to confound security with usability. Any delay to a security advisory is an invitation to hackers. I don't think that's what end-users expect from FreeBSD much as the long arm of the NSA might want to make it so (primarily vis-a-vis CERT and NIST). Those sites that don't care about security are well served by batching but given the packaging of base it seems like there's no longer any significant benefit. Roger
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?>