Linked by Thom Holwerda on Fri 10th Apr 2009 15:43 UTC, submitted by Alexander Yerenkow
PC-BSD, the desktop-oriented FreeBSD variant, has released version 7.1, dubbed Galileo. In case you don't know, PC-BSD is a FreeBSD distribution with lots of customisations focussed on the desktop user. Its most defining feature is the Push Button Installer, a self-contained package format with handy installers/uninstallers. PC-BSD 7.1 comes loaded with changes and updates.
RE[2]: PBI's
by papertape on Mon 13th Apr 2009 15:04 UTC in reply to "RE: PBI's"
Member since: 2008-05-04

The potential difficulty you point out with multiple updating of applications versus single updating of the affected library is real, and has been mentioned several times in connection with PC-BSD's approach.

The approach taken by PC-BSD (outlined in the other response to your post) is one way of trying to ensure that all occurrences are updated painlessly.

But I also wonder just how much the situation you describe occurs in practice. Usually, library code is written by more experienced (and hopefully more careful) coders. It is also the most examined. Not saying they don't have vulnerabilities, obviously they do. But at a far lower rate than applications.

For example, take a look at FreeBSD security advisories:

http://www.freebsd.org/security/advisories.html

Not too many instances of library problems, almost entirely application code. So I don't think the PC-BSD vulnerability is that much greater than a regular FreeBSD system. Of course, if a popular library is affected, then the potential exposure is far greater, as you point out.

Score: 1