Date: 18 Apr 2002 15:32:42 -0700 From: Ken McGlothlen <mcglk@artlogix.com> To: Brett Glass <brett@lariat.org> Cc: Christopher Schulte <schulte+freebsd@nospam.schulte.org>, security@FreeBSD.ORG Subject: Re: FreeBSD Security Advisory FreeBSD-SA-02:21.tcpip Message-ID: <878z7k4oz9.fsf@ralf.artlogix.com> In-Reply-To: <4.3.2.7.2.20020418143615.021a8460@nospam.lariat.org> References: <4.3.2.7.2.20020418095356.024354c0@nospam.lariat.org> <4.3.2.7.2.20020417230144.032ad390@nospam.lariat.org> <200204171923.g3HJNga58899@freefall.freebsd.org> <4.3.2.7.2.20020418095356.024354c0@nospam.lariat.org> <4.3.2.7.2.20020418143615.021a8460@nospam.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Brett Glass <brett@lariat.org> writes: | Good tips here, assuming that you're willing to keep a build server around. | But what if you're doing a fresh install at a customer site (with Internet | feed), and want to get from floppies to a reasonably secure system without | headaches? I'd probably burn it onto a CD myself based on the latest -STABLE I was willing to support. | Also, won't "make installworld" nuke some of the customization you've done to | each machine? I try my hardest not to customize anything in /usr/src. If you do that, you're on your own, bud. | And what if you're running with SECURELEVEL=2 on your production servers? You'll have run with a lower SECURELEVEL to install it. But then, you'd have to anyway. C'mon, Brett, these last two objections are really stretching things. Are you looking for a solution, or are you just whinging? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?878z7k4oz9.fsf>