Patches in FreeBSD
jerrymc at msu.edu
Mon Feb 26 18:43:12 UTC 2007
I am being forced to use something besides FreeBSD - probably Susie or
Red Hat Linux for the base of a server system. The primary reason
given is that when security issues come along, FreeBSD has no way
of patching the running system, but rather requires rebuilding the
system - CVSUP, make, install, etc whereas Susie and Red Hat can
be patched on the fly. I presume this means kernel type security
stuff rather than concerns about third party software.
Up to now, I have not been in a situation that doing a cvsup and builds
and installs or even scratch installs of new versions wasn't just fine,
so that is what I have done and have some experience with. But the powers
that be here are saying that is unacceptable because it will take the
system down too much for critical fixes.
My question is: How do I respond to this?
I have seen the word patch used in security update messages - but
didn't follow that path. Is that real? Does it cover kernel
things essentially on the fly or is a 'time consuming' rebuild
I will look up some stuff on patches in FreeBSD, but would like to
hear some perspective on this.
More information about the freebsd-questions