|
Grex > Coop12 > #46: November 3rd, 6:00 PM, 607 Ross St.: Special meeting to discuss the future configuration of Grex |  |
|
| Author |
Message |
| 25 new of 181 responses total. |
spooked
|
|
response 100 of 181:
| 
Oct 20 03:36 UTC 2001 |
Uh huh, so my pay-for-significant-amount-of-Solaris support/code
suspicions were correc, Marcus?
|
aruba
|
|
response 101 of 181:
|
Oct 20 04:24 UTC 2001 |
Marcus, can you make the meeting as scheduled, at 6PM on November 3rd?
|
styles
|
|
response 102 of 181:
|
Oct 20 07:37 UTC 2001 |
freebsd on m-net, as far as fixes go, is simple, because you can create a
specific filesystem dedicated to os rebuilds and have a nightly cron job cvsup
the latest source tree, and 'make buildworld.' thus, the latest fixes are
already compiled and waiting for install when the advisories come out, and
it's easy to just cd to the proper source directory and make depend and make
install.
|
mdw
|
|
response 103 of 181:
|
Oct 21 02:13 UTC 2001 |
I hope to be there Nov 3, yes.
A nightly build? Sounds like a real good formula for "slightly
unstable". Or, if you only install when security announcements come
out, you're usually running versions compiled by somebody who was an a
big hurry.
|
aruba
|
|
response 104 of 181:
|
Oct 21 04:19 UTC 2001 |
Great, we can consider the time and place official, then.
|
styles
|
|
response 105 of 181:
|
Oct 21 21:56 UTC 2001 |
103: just a build, not an install. you can go where you need to in the
source tree and install whatever patched library or application it is that
has the hole in it, and if a bug in the committed patch is discovered the next
day, you can go through the same step two or three steps again. It feels a
lot more stable than waiting for a tried and true patch to come out when
there's hax0r code out there that will let joe loser rm -rf / in a matter of
minutes/seconds on the non-rush-patched holes.
|
davel
|
|
response 106 of 181:
|
Oct 22 13:17 UTC 2001 |
Ahem. After reading again through this entire item, I'd like to confirm a
few particulars about the meeting itself:
- Nov 3, 6 PM?
- 607 Ross St. (in AA)?
- potluck? (all the lock-them-up-with-pizza discussion has me *very*
uncertain on this one)
Thanks.
|
gull
|
|
response 107 of 181:
|
Oct 22 15:16 UTC 2001 |
Re #98: I think part of janc's point was that you can generally only
get patches for any particular FreeBSD or OpenBSD release for a year or
two, but patches are released for older Solaris releases for a long
time. This is important if you don't want to be rebuilding the system
on a new OS version every 12 months.
Re #102, 105: Ugh. You should never base a production system on CVS
builds. I've tinkered with CVS-maintained code, and it inevitably
breaks from day to day as people submit updates that inadvertantly
break other people's code, sometimes with severely bad consequences.
This is why most serious projects do a "code freeze" before they
release a new version. There are very few exploits that allow an
attacker to do an "rm -rf / in seconds", and the few that do tend to
have work-arounds that can be implemented before the official patch is
available. (The last one I can think of that was literally that severe
was the 'rlogin -froot' vulnerability that was discovered about five
years ago, though there have probably been one or two since then.)
|
cross
|
|
response 108 of 181:
|
Oct 22 18:58 UTC 2001 |
Regarding #107; Actually, the *BSD's -STABLE branch is to track only
stable, tested fixes as they come along; the FreeBSD teams stance on
it is to think of -STABLE as a stream of bug fixes and patches for
known problems, and indeed, they recommend tracking it on production
servers. I think what you're thinking of is a development branch.
I think that any hole that gives access to a root shell is one that
allows one to do an rm -rf / in seconds (if the attacker is thusly
motivated).
|
aruba
|
|
response 109 of 181:
|
Oct 22 22:15 UTC 2001 |
Re #106:
November 3rd, 2001, AD
6:00 PM
607 Ross Street, Ann Arbor, Michigan, USA
Potluck. If someone or some group would like to bring/order pizza as their
contribution to the potluck, I predict it will be received well. However,
we can probably flatten other dishes enough to slip them under the door.
|
janc
|
|
response 110 of 181:
|
Oct 23 00:14 UTC 2001 |
If anyone is intimidated by potlucks (I used to be), you have my permission
to show up without food, so long as you keep your consumption moderate at
least until it becomes obvious that there will be lots of left overs. Also
bringing soft drinks or chips is fine.
|
styles
|
|
response 111 of 181:
|
Oct 23 01:16 UTC 2001 |
re 108: exactly. thank you.
|
gull
|
|
response 112 of 181:
|
Oct 23 13:43 UTC 2001 |
Re #108: Indeed, thanks for the clarification.
|
scott
|
|
response 113 of 181:
|
Oct 23 14:03 UTC 2001 |
I hereby decline my nomination. Thanks, though.
|
styles
|
|
response 114 of 181:
|
Oct 23 23:05 UTC 2001 |
might want to decline in the right item, though.
|
bhoward
|
|
response 115 of 181:
|
Oct 27 09:39 UTC 2001 |
i'm really looking forward to reading about the results of this meeting.
please remember that at the end of the day (or in this case, the
meeting), agreeing to some workable solution, even if not perfect and
not necessarily ones preferred choice, is the important thing to get
out of the meeting.
|
tsty
|
|
response 116 of 181:
|
Nov 2 10:31 UTC 2001 |
is that addres just off arborview, near dexter/maple?
|
tsty
|
|
response 117 of 181:
|
Nov 2 10:41 UTC 2001 |
if so, the below url, when strung together as a single line
on your location/address bar, (cut-n-paste each line into
that field leaving NO spaces).
provides a nice map in netscrape 4.x
http://mapquest.com/cgi-bin/ia_find?link=btwn%2Ftwn-map_results&uid=
uae5r9hdv2pcb2ld%3Ats5fyllu7&SNVData=3mad3-h.fy%2528wal5y2_%2529rba047
%253bpq%257cs9z%2Cp7%253b8aq.hqu%253b%25280uz%252b%2518X%2515G%252bEJ
%2528%2513W%2511%252b%2513%2514VQ%2518%253dED_qr22l%253dbsuu%2528%2511E
%253arl1rzn%253d%253dyx0z82%253d0%2Crb%253b7%253bb5m-r2qfj5m%253be10h
%25284&pcat=&aphoto=0&MAP_AB_LABELS=&WORK=&mouse_mode
=center&map.x=382&map.y=290
|
tsty
|
|
response 118 of 181:
|
Nov 2 10:42 UTC 2001 |
oh, i tried it, it works (for the faint of heart).
|
janc
|
|
response 119 of 181:
|
Nov 2 15:28 UTC 2001 |
For those who are faint of heart, this might be easier to type:
http://www.valeriemates.com/directions.html
(This was entered by Valerie, with directions, in response 66 to this item.)
|
keesan
|
|
response 120 of 181:
|
Nov 2 16:08 UTC 2001 |
If people would list what they plan to bring to the potluck we could try to
avoid duplication (for instance not have everyone bring salad or dessert).
I am making raisin bread and maybe brussels sprouts.
|
aruba
|
|
response 121 of 181:
|
Nov 2 16:15 UTC 2001 |
Reminder that the potluck is TOMORROW NIGHT, November 3rd, 6 PM, 607 Ross.
I will probably bring chili (with meat).
|
janc
|
|
response 122 of 181:
|
Nov 3 01:59 UTC 2001 |
Probably we'll provide some sort of vegetarian main dish. Turkeyless
Tetrazine maybe? It's up to Valerie.
Note that we are not one of those households that keeps quantities of soft
drinks or other beverages on hand. I think we may have a couple liter bottles
left over from some past party - maybe Squirt and decaffinated Coke. So it
would be useful if someone brings drinks.
|
janc
|
|
response 123 of 181:
|
Nov 3 02:05 UTC 2001 |
Oh, as of today we have a wireless network in the house. So if you have a
laptop with a wireless network card, it may be possible to use it for quick
net searches to see if FooBSD really does run on massive networks of Sinclair
ZX80's.
|
tsty
|
|
response 124 of 181:
|
Nov 3 06:54 UTC 2001 |
if all goes well, i will bring vegan spaghetti.
ir all goes well .....
|