lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: pauls at utdallas.edu (Paul Schmehl)
Subject: [OT] Re: Knocking Microsoft

--On Saturday, February 28, 2004 8:22 AM -0800 Tim 
<tim-security@...tinelchicken.org> wrote:

>> Yeah, that's *way* easier than FreeBSD's %make install clean.
>
> The ports heirarchy is great for what it is.  But it doesn't do a lot of
> things necessary for keeping high-availability when it comes time to
> patch your daemons on 20+ systems.  Now, I haven't used FreeBSD since
> 4.X days, so maybe they have fixed some of the brain damage, but in a
> system that it is possible to install the same port over the top of
> itself...  Ever installed a new version of a port on top of an old one,
> then tried removing the old one?

First of all, why would you do this?  Secondly, it won't work because the 
port will simply tell you that it's already installed and suggest you 
uninstall the previous version first.  If you're going to use ports, you 
should use portupgrade to upgrade to new versions.

>  Doesn't work too well.  Ever tried
> maintaining systems with both ports and packages?

No, but why would you?  Choose one method or the other and stick with it.

>  IIRC, it doesn't work
> so well either.  The time to compile is also a pain (but can be remedied
> if you compile into a package on a *dedicated* build server).
>
I guess that's a matter of perspective.  I prefer compiling to using 
packages, because they're tailored to the system.  Packages are more 
"generic" by their very nature.

> Don't get me wrong, FreeBSD's ports system is WAY better than dependency
> handling on windoze (if you can even call it that), and is perfectly
> sufficient if you only have a few boxes to maintain.
>
And who has a good system for maintaining large numbers of boxes?

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ