Re: security support

2009-03-31 Thread Aaron W. Hsu
Ian, From kaosa...@tpg.com.au Tue Mar 31 09:08:59 2009 From: Ian McWilliam To: "ports@openbsd.org" Subject: Re: security support [...] Just what grabs peoples fancy with regard -stable ports??? I would say that proper security/stab

Re: security support

2009-03-30 Thread Ian McWilliam
b...@openbsd.rutgers.edu wrote: On 31 March 2009 at 0:56, Stefan Sperling wrote: On Mon, Mar 30, 2009 at 07:22:08PM -0400, Aaron W. Hsu wrote: It's much easier for people in -STABLE to just run the stable packages. That is still probably the best advice for most people. Yes.

Re: security support

2009-03-30 Thread Stefan Sperling
On Mon, Mar 30, 2009 at 07:22:08PM -0400, Aaron W. Hsu wrote: > It's much easier for people in -STABLE to just run the stable packages. > That is still probably the best advice for most people. Yes. Also, due to various exploit mitigation techniques in OpenBSD, many bugs that show up in ports ar

Re: security support

2009-03-30 Thread Aaron W. Hsu
David, Thanks for your message... > As a practical matter, I would prefer to see that information > featured prominently in the documentation, rather than strongly > encouraging people to rely on packages > (http://www.openbsd.org/faq/faq15.html#PkgVsPorts). I don't feel > that it's responsi

Re: security support

2009-03-30 Thread dtalk
Aaron, thank you for your feedback, and my apologies if my comments were interpreted negatively. It was not my intent to offend. As a practical matter, I would prefer to see that information featured prominently in the documentation, rather than strongly encouraging people to rely on packag

Re: security support

2009-03-30 Thread Stuart Henderson
On 2009/03/29 14:45, dt...@drizzle.com wrote: > >> My advice to you would be to just follow -STABLE. > > So, it follows that your advice would be to not be really concerned > about security? no, just choose the software you run carefully. something which keeps having security problems fixed cert

Re: security support

2009-03-29 Thread Aaron W. Hsu
David, Thank you for your message... > Aaron W. Hsu wrote: > > >but if you are really concerned about security, pretty much your only > >hope is to either run -CURRENT or track the security updates and > >backport them yourself. > > And then adds: > > >My advice to you would be to just follo

Re: security support

2009-03-29 Thread TeXitoi
Ryan Freeman writes: > > This thread doesn't inspire any more confidence in -stable ports than I > > have gained from the documentation, which has led me to conclude that I > > should generally compile and manage my own software on OpenBSD. A > > "stable" branch is generally understood to

Re: security support

2009-03-29 Thread Ryan Freeman
On Sun, Mar 29, 2009 at 02:45:11PM -0700, dt...@drizzle.com wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Aaron W. Hsu wrote: > >> but if you are really concerned about security, pretty much your only >> hope is to either run -CURRENT or track the security updates and >> backport

Re: security support

2009-03-29 Thread dtalk
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Aaron W. Hsu wrote: but if you are really concerned about security, pretty much your only hope is to either run -CURRENT or track the security updates and backport them yourself. And then adds: My advice to you would be to just follow -STABLE.

Re: security support

2009-03-28 Thread Aaron W. Hsu
Doug, > I only have the phone for about an hour a day, and the computer for a > couple of hours. I don't want to spend all that time just keeping the > system up-to-date and not getting any real work done. My advice to you would be to just follow -STABLE. -- Aaron W. Hsu |

Re: security support

2009-03-28 Thread Douglas A. Tutty
On Sat, Mar 28, 2009 at 12:40:54PM -0400, Aaron W. Hsu wrote: > > Could someone point me to the appropriate docs or info on the > > mechanism for keeping the packages/ports of a stable OBSD system > > up-to-date? > > Occassionally I see a security patch backported to the -STABLE branch, > but if y

Re: security support

2009-03-28 Thread Aaron W. Hsu
Douglas, > Could someone point me to the appropriate docs or info on the > mechanism for keeping the packages/ports of a stable OBSD system > up-to-date? Occassionally I see a security patch backported to the -STABLE branch, but if you are really concerned about security, pretty much your only ho

security support

2009-03-28 Thread Douglas A. Tutty
Hello all, Up to now, I've only used OBSD on small old boxes, just to poke around with. Since they haven't been used online, I haven't worried about upgrading. I'm planning to move my main box (HP NetServer LPR, dual P-II-450 with 1 GB ram, two 36 GB SCSI drives and an HP NetRaid card) from Debi