[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: BSD handbook - was Re: debiantutorials.org seeks input and new blood



On Sat, May 02, 2009 at 06:27:44AM -0500, Neal Hogan wrote:
 
> FYI - While many of the fBSD folks will tout there ports/package
> system, I found it to be a pain (especially the upgrade), as did many
> others. There has recently been some chatter on their general mailing
> list to overhaul how they handle packages. Again, I found oBSD's
> package handling system to be superior.
 
Last I looked (last week), OBSD doesn't have security updates (patches)
for their packages; they only provide patches for the base release.  If
you want to run -current, then the packages get security patches.  Since
I'm on dialup, that would mean a lot of bandwidth time; basically, every
time firefox or some third-party app required a security fix, I'd have
to download the source for _everything_ and recompile _everything_.  

I wish I had time to work out a system that would run on base OpenBSD
yet compile debs with OpenBSD's souped-up compiler.  Then one would have
the security of OpenBSD with good package security (Debian's security
team with OpenBSD's compiler, with good responsivness).

All the BSD's have a system to audit your installed packages for ones
listed in a database as being insecure but the follow-on of patches to
fix them is missing.

Doug.


Reply to: