updatinator benchmarking (Was: rsync benchmarking)
Ivan Krstić
krstic at solarsail.hcs.harvard.edu
Tue Jul 10 10:54:46 EDT 2007
Alex,
On Jul 10, 2007, at 10:21 AM, Alexander Larsson wrote:
> I've been doing some more work on updatinator.
I'm happy to see this work continuing, but I want to set clear
expectations for FRS. I will not give security signoff for the FRS
update system, in my mind one of the most critical subsystems on the
machine, to be based on new code.
I want to explore other update mechanisms after we ship, and
updatinator tops the list. I don't want to discourage your work. But
given where we are with our software and where we need to be a couple
of months from now, we don't have the in-house resources to give
updatinator the kind of scrutiny that would put my professional
paranoia at ease. We take various software risks at different places
in our stack precisely because we're relying on the update system to
work flawlessly. With existing, well-known tools, I can make
reasonable guarantees about that being the case. With new ones,
despite your obvious talent and attention to this problem, I can't.
An rsync-based solution, possibly without even Scott's wrapping
manifest code, is the only update approach I will support for FRS.
After that, we can revisit the issue.
Cheers,
--
Ivan Krstić <krstic at solarsail.hcs.harvard.edu> | http://radian.org
More information about the Devel
mailing list