Peter Jeremy wrote:
On Sat, 2005-Dec-17 23:35:34 +0100, Kövesdán Gábor wrote:
I agree. And after all, tracking a security branch isn't too difficult,
...
# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/gnu/usr.bin/cvs/cvsbug
# make obj && make depend && make && make install
# cd /usr/src/gnu/usr.bin/send-pr
# make obj && make depend && make && make install
Is that difficult?
Speaking as a developer, I think it's trivially easy.
As an end user, I don't think this is acceptable. Firstly, it
requires that the user has installed the src distribution - which is
optional. Secondly, the user is expected to use development tools
without understanding what they do - this is scary for them. Running
the above commands is OK as long as nothing goes wrong but the
"support" group (who inhabit -questions and answer seemingly silly
questions) are going to have to cope with people who've made a typo
somewhere in the sequence and can't explain exactly what they did -
without putting them off FreeBSD.
I think FreeBSD Update shows the way forward but IMHO there needs to
be an "official" binary update tool accessible from www.freebsd.org.
FreeBSD Update was written by, and is continuously maintained by the
actual FreeBSD Security Officer. It's as official as it gets. If
the only barrier to acceptance is that it's not distributed from the
FreeBSD.org domain, then a) that's a silly argument, and b) it's easily
solvable so long as Colin agrees.
Scott
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
