It's Bash's turn to have a security hole

Status
Not open for further replies.
jgreco

jgreco

Resident Grinch
Joined
May 29, 2011
Messages
18,680
mattlach said:
Thank you for the explanation. Been running servers for 15 years, but as a hobbyist, not as an IT professional, so I am learning the extra precautions people in that field take.

I definitely understand the stability over bleeding edge argument, but I was always under the impression that current stable releases were sufficient for these goals, and only unstable releases needed to be avoided.
Click to expand...

Sadly, "stable" releases are sometimes only stable in the minds of developers, and the actual experience from the trenches varies. We found FreeBSD 5 and FreeBSD 6 to be catastrof***s and basically regretted most of the machines we deployed with those "stable" releases. Most production boxes around here skipped from FreeBSD 4 to FreeBSD 7 when that finally came out. It isn't too hard to find examples for most other systems where people have simply avoided the "newer" because it didn't work as well. I mean, think of Windows XP vs Vista, or Win7 vs Win8.

The strategy that iX has adopted for having an intermediate stage, TrueOS, is interesting because it allows them to integrate newer meaningful changes into an older, more stable system. It is a rough road to take but may offer the best compromise between stability and not getting ridiculously far behind the bleeding edge.
 
mattlach

mattlach

Patron
Joined
Oct 14, 2012
Messages
280
jgreco said:
Sadly, "stable" releases are sometimes only stable in the minds of developers, and the actual experience from the trenches varies. We found FreeBSD 5 and FreeBSD 6 to be catastrof***s and basically regretted most of the machines we deployed with those "stable" releases. Most production boxes around here skipped from FreeBSD 4 to FreeBSD 7 when that finally came out. It isn't too hard to find examples for most other systems where people have simply avoided the "newer" because it didn't work as well. I mean, think of Windows XP vs Vista, or Win7 vs Win8.

The strategy that iX has adopted for having an intermediate stage, TrueOS, is interesting because it allows them to integrate newer meaningful changes into an older, more stable system. It is a rough road to take but may offer the best compromise between stability and not getting ridiculously far behind the bleeding edge.
Click to expand...


Yeah, my concern when it comes to staying with older releases was keeping up with all the security patches. There are so many more individual pieces of software in your typical FOSS OS, than I can hope to keep up with and make sure security fixes have been backported. I usually solve this by simply going with the latest long term release, and trusting the maintainers on the long term releases to keep up with it.

That being said, corporate IT where I work still has IE8 on the default images, so I guess security isn't one of their top priorities...

anodos said:
Great, now you're undermining my plans segueing into a VIM vs EMACS holy war. :)
Click to expand...

:p I use Vim. Don't have anything against Emacs, I just learned Vim first, and don't want to spend the time and energy learning another.
 
C

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
Just an FYI... 9.2.1.8 is available at download.freenas.org. Expect an announcement shortly. ;)
 
Status
Not open for further replies.

Similar threads

B
  • Locked
I seem to have a love/hate relationship with FreeNAS and ZFS
2
Replies
37
Views
6K
brando56894
B
B
  • Locked
68 years to copy a 13 byte file
Replies
1
Views
578
joeschmuck
joeschmuck
Yatti420
  • Locked
How to Install TeamSpeak 3 Server Into A Jail
2 3 4 5 6
Replies
113
Views
75K
HolyK
HolyK
DrKK
  • Locked
A Quick Intro to Jails
Replies
15
Views
58K
Robert Trevellyan
R
R
  • Locked
[GUIDE] Teamspeak3 on FreeNAS 9.10!
Replies
6
Views
3K
rafadavidc
R
Top