Raimo Niskanen wrote:
> On Fri, Jul 25, 2008 at 07:36:43AM +0200, Guido Tschakert wrote:
>> Stuart Henderson schrieb:
>> > On 2008-07-24, Mike Shaw <
shawnuff@...> wrote:
>> >> Regarding the cache poisoning patch (which I see for 4.3). Are there
>> >> any effective workarounds for OpenBSD 4.0/4.1?
>> >
>> > The 4.2 patch should also work for 4.1
>> >
>> >
>> I can confirm that the 4.2 patch works with 4.1 (at least for me).
>
> +1
But...what if it didn't?
This is why you have to keep your systems up-to-date, and the
upgrade plans have to be part of your original implementation.
Years ago, I quit doing data recovery for my clients. It
became clear that every time I hauled a client's data out of
the proverbial fire, rather than taking it as a lesson about
how important backups are, they took it as a "lesson" that
backups weren't that important, and "Nick can get our data
back", and thus, got more careless rather than more careful.
My calculation was that they would lose less data if I let
them lose a little now (or pay through the nose and a few
other orifices to the big data recovery services) rather
than recover it now and NOT be able to recover it next time.
I fear that people finding out their old systems can be
"salvaged" by back-porting patches are just going to take
this as "Well, upgrades aren't really that important".
Come on...DNS servers running OpenBSD? That's one of the
easier upgrades you can do...it's all base! (Unlike some
certain other OS where they bundle stuff in, claim they
support the OS for many years, but things like BIND don't
really count... *sigh*).
KEEP YOUR BLOOMIN' SYSTEMS UP TO DATE!
Nick.
