On Tue, Jun 24, 2003 at 11:53:36AM +0300, Jim Xochellis wrote: > Hi, > > On Monday, June 23, 2003, at 11:48 PM, D J Hawkey Jr wrote: > > >In article <[EMAIL PROTECTED]>, > > [EMAIL PROTECTED] writes: > >>Hi List, > >> > >>I need to apply some security patches to my FreeBSD(i386) 4.7-RELEASE > >>box and I am concerned about the possibility that I could actually > >>harm > >>my system while trying to apply this patches. (I am not a Unix guru > >>actually) > > > >Is there any particular reason you don't want to use cvsup(1) against > >the "security" or "current" branches? Release 4.7 is still supported by > >the Security Team, after all. See the Handbook if you don't know what > >this means. > > > > Recompiling the whole system seems a little scary to me, but I thing > that I am going to do it anyway!
Yes -- if you apply patches or you use cvsup(1), you get updated source code, which you've got to compile and install -- either the whole system or just the parts affected by the patch. This seems alarming to the uninitiated, but once you've done it a few times, it becomes routine. On the other hand, check out the security/freebsd-update port and it's associated web site at http://www.daemonology.net/freebsd-update/ -- this isn't an 'official' part of FreeBSD yet (surely only a matter of time, though). This is a very interesting system for generating minimally sized binary patches that can be applied directly to a system without requiring a compilation step. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature