On 2009/03/29 14:45, dt...@drizzle.com wrote:
>
>> My advice to you would be to just follow -STABLE.
>
> So, it follows that your advice would be to not be really concerned
> about security?

no, just choose the software you run carefully. something which keeps having security problems fixed certainly has a bunch of other security problems, and probably some of them were found by people who don't want to alert the vendor. (that's not to say that software never receiving fixes is clean, obviously :-)

if there's no alternative to running something likely to have problems, there are steps you can take to reduce the risk (e.g. you could run it under a separate uid).

even with insecure software, somebody who is security conscious, running OpenBSD, and not always online, is at very much lower risk than some others...

I'd probably run snapshots and update from binaries (OS, affected software and necessary dependencies) if I was worried about a particular problem. but I wouldn't be tracking, say, every last Firefox update.

> This thread doesn't inspire any more confidence in -stable ports than I
> have gained from the documentation,

at present only the base OS is maintained in the -stable branch.