Peter Jeremy wrote: > On Sat, 2005-Dec-17 23:35:34 +0100, Kövesdán Gábor wrote: > >>I agree. And after all, tracking a security branch isn't too difficult, > > ... > >># cd /usr/src >># patch < /path/to/patch >># cd /usr/src/gnu/usr.bin/cvs/cvsbug >># make obj && make depend && make && make install >># cd /usr/src/gnu/usr.bin/send-pr >># make obj && make depend && make && make install >> >>Is that difficult? > > > Speaking as a developer, I think it's trivially easy. > > As an end user, I don't think this is acceptable. Firstly, it > requires that the user has installed the src distribution - which is > optional. Secondly, the user is expected to use development tools > without understanding what they do - this is scary for them. Running > the above commands is OK as long as nothing goes wrong but the > "support" group (who inhabit -questions and answer seemingly silly > questions) are going to have to cope with people who've made a typo > somewhere in the sequence and can't explain exactly what they did - > without putting them off FreeBSD. > > I think FreeBSD Update shows the way forward but IMHO there needs to > be an "official" binary update tool accessible from www.freebsd.org. > FreeBSD Update was written by, and is continuously maintained by the actual FreeBSD Security Officer. It's as official as it gets. If the only barrier to acceptance is that it's not distributed from the FreeBSD.org domain, then a) that's a silly argument, and b) it's easily solvable so long as Colin agrees. ScottReceived on Sun Dec 18 2005 - 00:19:26 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:49 UTC