> If there genuinely is something as easy as "yum update bind", then
> great. But if so, it doesn't seem to be documented, and this is the
> reason I haven't rolled out more OpenBSD boxen in the real world. I
> run OpenBSD on my own machines. But I'm with Cian here. Keeping up
> to date really is its Achilles heel compared to other OSes, and is
> holding it back for corporate use.
So when you do "yum update bind" how many people are you extending
trust to? Note that this isn't a rhetorical question, I'm actually quite curious
how people rationalize this aspect of binary updates.
When I apply a patch that I can read I'm pretty sure what I'm getting*.
-N
* If you haven't read it before you must read "Reflections on Trust":
http://cm.bell-labs.com/who/ken/trust.html
