> Honestly, the thought that this can easily affect other people with lots of > network statements in OSPF is pretty scary, and the thought of running > -current is equally scary. Most admins prefer not to live out on the edge > and I understand the project's strict guidelines should ensure safe and > reliable code commits, but nobody is perfect and this is one of those > situations where I would like to be as safe as possible. Deciding to run non > -release software with what would be described in most projects as being > "unofficial" fixes is a giant leap of faith for most people. What can I say > -- old habits die hard.
If you run OpenBSD in production, you should subscribe and follow misc@, tech@ and occasionally source-changes@. I am newbie since August'10, and I can now understand somewhat when it is safer to jump to -current and when its safer to hold off from either compiling/installing from snaps. Though, I always run -current as a desktop. > On the other hand, I had this discussion with co-workers today: What makes > you trust hotfixes from vendors any more than code from members of the > example: OpenBSD project? It doesn't make sense; you don't get responses > from their developers directly most of the time, you have no idea what their > skills are, and you certainly don't get to see the code! Suddenly you trust > a vendor with your life because you were forced to drop a hefty bag of money > in front of them? It seems very backwards, and I'd like to get that > perception changed: quality open source software is available and it is a > wise financial investment. Companies can also sit on your RFE or bug because not many people complained and its not prioritized. So there goes your money and your time bugging (or is it begging?) them. I can't blame the companies if its low priority and you shouldn't either. Same with open source. And here's some food for thought, if you were running a commercial ospfd, then you wouldn't even know it was a problem. Ignorance is bliss, huh? You might have gotten a fix in the monthly or quarterly or 6 monthly update. Or just maybe maybe never.
