Date: Wed, 28 Nov 2001 14:57:17 -0800 (PST) From: Roger Marquis <marquis@roble.com> To: <security@FreeBSD.ORG> Subject: Re: Updating ssh Message-ID: <20011128143641.X12621-100000@roble.com> In-Reply-To: <bulk.98822.20011128142725@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass wrote: > This reflects a common problem in FreeBSD. When you install a port or > compile a newer version of an application which is included in the base > install, it usually goes into /usr/local, so the system keeps on using > the old version (which is ahead of the newer one in the path). This problem has bit us more than a few times. It's also one of the things that keeps FreeBSD from gaining market share in large and high-security networks. If FreeBSD QA implemented the KIS principle there would be a single official location for every file and no duplicates anywhere on the system. The root of the problem is that few FreeBSD developers have extensive systems administration experience and few FreeBSD sysadmins have a background in large site configuration management. Seems to be an inevitable weakness of cutting-edge OSs. > Perhaps FreeBSD should put these things in /usr/local from the get-go? Either that or configure ports to put things where they already are. I'd vote for the latter as it fosters compatibility across versions, architectures and OSs and doesn't conflict with NFS sites that mount /usr/local from a fileserver. Unfortunately most FreeBSD installations are not multi-user, don't run NIS or NFS, aren't part of a large installation, and most FreeBSD ports are designed accordingly. -- Roger Marquis Roble Systems Consulting http://www.roble.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011128143641.X12621-100000>