Re: An experimental patching framework...

[Adrian Close <adrian@fernhilltec.com.au>]

On Fri, 27 Jul 2001, d neal wise wrote:

> hi adrian :)

Well, look who popped up!  We should keep in touch more... :)

> feel free (anyone interested) to subscribe to this. we didn't make it
> public because we were just bouncing ideas around. It has somewhat
> disappeared but it just needs to be stirred :)

I'll do that, but for the moment I'll keep posting here too, since I'm
sure there are a bunch of people out there with great ideas.

> or having to put development tools or use awkward manual methods on
> firewalls to keep them patched

I tend to put everything on anyway, and keep it _all_ patched.  In the
case of OpenBSD I think it's probably more work to leave things out... :)

> It would also be very cool to take release OpenBSD and bring it up to date
> quickly and easily with packages (or something) built on the release
> source plus the patch-branch contents. Ideally these would come from some
> verifiable trusted source. i'm getting waaay ahead of myself. i think

This is why I took the build from source approach, since anyone can easily
check that it's doing the right thing, and no-one has to rely on a binary
distribution from anywhere.  If you want binaries, you can do that (or
someone else can do it for you), but it's not mandatory.

> I've been meaning to try some of the work that william and a few other
> people were doing but I got busy and on leave. If you're interested Adrian
> I can send you an archive of the emails sent through the little list we

I'd appreciate that.  I started this from square 0 on Monday, with just my
own ideas and pre-conceptions.  :)

Adrian Close				email:	adrian@fernhilltec.com.au
Internet Security Consultant		mobile:	+61 412 385 201
Fernhill Technology Pty. Ltd.		phone:	+61 3 9876 6844
1/3 Colman Rd. Warranwood, 3134, AU	fax:	+61 3 9876 6855