 |
Pegasus3d.com
Discussions on multiple topics, open to all
|
| View previous topic :: View next topic |
| Author |
Message |
Magus
Tolkien Loremaster
Vice Admiral
Joined: 17 Aug 2001
Posts: 9521
Location: On the Stairway to Heaven.
|
 Posted: Sat Jan 07, 2006 1:25 pm Post subject: |
 |
|
Silly Kingpinmc! Open Source never needs patching! 
_________________
<Paolo|Work> anything that has to do with Java is by definition stupid
1 The Network is my domain, I shall not want; 2 though it makes me wait upon collision, it leads me to the Internet; 3 it restores my connection. It leads me in paths of hypertext transfer for google's sake. 4 Even though I walk through the valley of the shadow of power failures, I fear no data corruption; for backups art with me; thy UPS and thy status light, they comfort me. 5 Thou preparest a firewall before me in the presence of my enemies; thou anointest my CD-R with BurnProof, my buffer never underflows. 6 Surely good deals and pr0n shall follow me all the days of my life; and I shall dwell in the house of the Datacenter for ever.
-HitScan
Wilde is a 4' chinese man in a bright pink tutu, lime green pimp hat with peacock feathers, and a purple feather boa, wearing tissue stuffed snakeskin combat boots, holding a gun bigger than he is, smoking a cigarette in the parking garage, trying to look menacing while pouting and head banging to Godsmack I stand alone |
|
| Back to top |
|
 |
AllYorBaseRBelong2Us
Infernal Smam Lord
Vice Admiral
Joined: 25 Feb 2001
Posts: 9706
Location: Gaurding the toenail clipper bag that holds you all!
|
| Posted: Sun Jan 08, 2006 2:45 pm Post subject: |
|
|
Oscar Wilde's back needs patching, however. AYB wishes him a safe hotfix to his smammy spine
_________________
This and other statistics can be culled from Jeremy Reimer's Personal Computer Market Share: 1975-2002, a very impressive piece of information gathering. The numbers tell some very interesting stories.
- http://lowendmac.com/musings/03/0131.html
Man, I need to get out more. You know smam is getting to you when you go to a canadian restaurant and start wondering about moose cock. -OscarWilde |
|
| Back to top |
|
|
Mord
Console Cowboy
Vice Admiral
Joined: 04 Sep 2002
Posts: 8022
Location: Where the rubber meets the road.
|
| Posted: Mon Jan 09, 2006 10:48 am Post subject: |
|
|
| Magus wrote: |
| Silly Kingpinmc! Open Source never needs patching! |
What's interesting about open source is the speed at which software tends to be updated. I think updating packages constantly is just as dangerous as implementing no security at all. Say I run something called OSS version A. Say there's an issue with it. So I upgrade to version B because its available, which fixes the issue, but maybe there's another issue. And then version C is available a week later. I never get used to running a particular version.
With updates to all packages on my Gentoo boxes, I never really get a baseline or even fully understand what issues are available. But if I stop "emerging world", and understand what revs of internet facing software I am running, I can defend against vulnerabilities in other ways, by disabling unnecessary features, and setting up ACLs and other security on features I need, and even using proxy firewalls to broker all serverside transactions (which I don't do, but its possible).
And of course, if a particular software package is just too weak to run production, I'll upgrade it to a version that is, or at least one that I can better fortify against intruders^H^H^H^H^H^H^H^H^Husers.
I think organizations like Microsoft and Debian get this. Their major platform releases are scheduled years apart and minor software patches are implemented in the meantime. New feature? Well, these days feature are creeping into patch releases, but for the most part the major feature releases are withheld until the next platform upgrade, IMO.
_________________
Give a guy a gun, he thinks he's Superman. Give him two and he thinks he's God. - Superintendant Pang, Lashou shentan (a.k.a. Hard-Boiled)
I note that you don't have any OSY member quotes in your sig. - the twinkster
Nonsense. "Bias" is people whom don't agree with me. - FondueDaredevil
Gabe: I wish you weren't a fucking liar.
Tycho: I'm not a liar.
Gabe: Well, I wish you didn't lie.
|
|
| Back to top |
|
|
FondueDaredevil
Linux Looney
Rear Admiral
Joined: 12 Jul 2002
Posts: 5381
Location: My name is Elmer J Fudd, millionaire. I own a mansion and a yacht.
|
| Posted: Tue Jan 10, 2006 7:54 am Post subject: |
|
|
| Mord wrote: |
| I think organizations like Microsoft and Debian get this. Their major platform releases are scheduled years apart and minor software patches are implemented in the meantime. |
Mord, I love what you wrote and agree with it 100%.
| Quote: |
| New feature? Well, these days feature are creeping into patch releases... |
Yes, and it's very poor planning by the projects management when this happens.
_________________
"Our products just aren't engineered for security."
- Brian Valentine, Senior VP in charge of MS Windows Development
"I call on those who question the motives of the president and his national security advisers to join with the rest of America in presenting a united front to our enemies abroad." Sen. Dick Durbin, 1998
"There's no set architecture in Linux. All roads lead to madness" - William Hilf, Microsoft homonculous
Supervillains for Linux!
|
|
| Back to top |
|
|
Magus
Tolkien Loremaster
Vice Admiral
Joined: 17 Aug 2001
Posts: 9521
Location: On the Stairway to Heaven.
|
| Posted: Tue Jan 10, 2006 1:48 pm Post subject: |
|
|
/applaud
Indeed, Mord!
_________________
<Paolo|Work> anything that has to do with Java is by definition stupid
1 The Network is my domain, I shall not want; 2 though it makes me wait upon collision, it leads me to the Internet; 3 it restores my connection. It leads me in paths of hypertext transfer for google's sake. 4 Even though I walk through the valley of the shadow of power failures, I fear no data corruption; for backups art with me; thy UPS and thy status light, they comfort me. 5 Thou preparest a firewall before me in the presence of my enemies; thou anointest my CD-R with BurnProof, my buffer never underflows. 6 Surely good deals and pr0n shall follow me all the days of my life; and I shall dwell in the house of the Datacenter for ever.
-HitScan
Wilde is a 4' chinese man in a bright pink tutu, lime green pimp hat with peacock feathers, and a purple feather boa, wearing tissue stuffed snakeskin combat boots, holding a gun bigger than he is, smoking a cigarette in the parking garage, trying to look menacing while pouting and head banging to Godsmack I stand alone |
|
| Back to top |
|
|
Mord
Console Cowboy
Vice Admiral
Joined: 04 Sep 2002
Posts: 8022
Location: Where the rubber meets the road.
|
| Posted: Tue Jan 10, 2006 2:15 pm Post subject: |
|
|
I'm also getting sick and damn tired of "emerging world" under Gentoo and then everything just fucking breaks. Unless ou emerge world every few days, something will go wrong. My current kitchen computer's sound up and died on me because something changed in the ALSA modules between versions. So as soon as I figure out the problem and get everything working again, I'm going to freeze its config and not update again unless theres a very compelling security issue.
_________________
Give a guy a gun, he thinks he's Superman. Give him two and he thinks he's God. - Superintendant Pang, Lashou shentan (a.k.a. Hard-Boiled)
I note that you don't have any OSY member quotes in your sig. - the twinkster
Nonsense. "Bias" is people whom don't agree with me. - FondueDaredevil
Gabe: I wish you weren't a fucking liar.
Tycho: I'm not a liar.
Gabe: Well, I wish you didn't lie. |
|
| Back to top |
|
|
HitScan
More portable than j00
Rear Admiral
Joined: 01 Mar 2001
Posts: 5698
Location: in.us
|
| Posted: Tue Jan 10, 2006 2:23 pm Post subject: |
|
|
It sounds like the (major) BSDs work the same way you're after. (slow, planned updates) I'm a fan as well.
It sounds like you would like how pkgsrc works too, it has regular quarterly releases, which recieve security related updates in sync with -current. Aside from sec updates you just rebuild things once every 3 months.
What is portage's release schedule? -current only, branched quarterly/monthly/etc? I've not look into it much.
_________________
My mind's slacking process has real-time priority.
A kernel is only as strong as its weakest Interrupt Service Routine.
"I was going to write my congressman, but I can't find my checkbook." - /. poster
"Wiffleball bats are good, because they can be retrofitted with lead pipes." - Harbinger
|
|
| Back to top |
|
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
Powered by phpBB 2.0.11j © 2001-2005 phpBB Group with many Smammy additions by Jeremy Reimer 2003-2005
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
