Juha Saarinen wrote:
On 8/23/06, Nico Meijer <[EMAIL PROTECTED]> wrote:
Set up another, non-production, box with 3.9 and build -stable on that.
Follow `man release` and read the upgrade guide on how to extract the
sets.

Seems a slightly cumbersome way to deal with security issues which may
be urgent, but perhaps that's just me?


THEN PUT THE COMPILER ON THE COMPUTER IN QUESTION!  Sheesh.

"Hi, I just shot myself in the foot, and it really hurts. I don't think it should be that way" uh..then watch where you store your bullets.

Having a mechanism to support your production machines with updates and upgrades has to be part of your system. If you opt to make the system more difficult to update by leaving off the compiler, you have to do something else to do the builds If you are worried about urgent, you have a system that can build rapidly, not in days...

Very eloquent arguments have been made for why leaving compilers off systems INCREASES security risks due to making the system hard to update.

Nick.

Reply via email to