Jason Beaudoin wrote: > On Dec 13, 2007 1:05 PM, Raimo Niskanen > <[EMAIL PROTECTED]> wrote: > > On Thu, Dec 13, 2007 at 01:07:17PM +0000, Jonathan Thornburg wrote: > > > First, I'd like to thank those who provided useful responces to my > > > query (which started this thread), both on- and off-list. > I had missed > > > the announcement > (http://marc.info/?l=openbsd-ports&m=119347390302171&w=1) > > > that -stable ports & packages are no longer maintained. > > > > > > > As I recall from the FAQ and installation manual, an overall > > philosphy for OpenBSD is that the package system is the > > recommended. Users are encouraged to install from binary > > packages. And regular users should follow the stable > > branch. > > > > Does this still apply. It seems not from this thread, so > > in what way should a regular user now follow the stable branch? > > > > And yes, it should be in the FAQ. > > > > Or is this just a temporary setback? > > > > As an inexperienced user, I still hear: "use the package system." But > on -release.. which is *supported.* > > If security is of the utmost importance, following security > announcements and applying patches yourself, as necessary, is the > thing to do. The developers have work to do.. which involves > continuing development. If you want to use -stable, which is > unmaintained/unsupported, use the appropriate cvs repo and build from > ports. > > > This is how I've interpreted things, maybe I'm wrong.. but I see no > point in bothering developers for package maintenance. They should be > able to invest themselves as they see fit, and I'd be willing to bet > that more often than not, this work would be in developing the > system.. making it better for themselves, and in turn, us. > > We are free to do as we please. and our beloved developers are not > under any support contracts. Let us let them invest themselves as they > see fit.. I'm sure we'll all benefit, we have thus far. In turn, let's > see where and how we can give back to them. > > > Best regards, > > ~Jason > Maybe I'm missing something, but it seems like security on a lot of systems is trying to play catch-up with the latest patches. I I have an enemy, that is exactly where I want him.
Seems like long ago OBSD tended to have fixed the latest whatever about 6 months before everybody else woke up to the whatever. Compared to most other systems, methinks you'd come out ahead by waiting for the next CDs and then upgrading. The -release does need to be in place just in case anything critical is actually needed. To paraphrase something or other, Security is never having to patch. Dunno if OBSD is really there yet, but seems like they're close.
