On Sat, May 02, 2009 at 06:27:44AM -0500, Neal Hogan wrote: > FYI - While many of the fBSD folks will tout there ports/package > system, I found it to be a pain (especially the upgrade), as did many > others. There has recently been some chatter on their general mailing > list to overhaul how they handle packages. Again, I found oBSD's > package handling system to be superior. Last I looked (last week), OBSD doesn't have security updates (patches) for their packages; they only provide patches for the base release. If you want to run -current, then the packages get security patches. Since I'm on dialup, that would mean a lot of bandwidth time; basically, every time firefox or some third-party app required a security fix, I'd have to download the source for _everything_ and recompile _everything_.
I wish I had time to work out a system that would run on base OpenBSD yet compile debs with OpenBSD's souped-up compiler. Then one would have the security of OpenBSD with good package security (Debian's security team with OpenBSD's compiler, with good responsivness). All the BSD's have a system to audit your installed packages for ones listed in a database as being insecure but the follow-on of patches to fix them is missing. Doug. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org