On Tue, Mar 14, 2000 at 11:02:20PM +0100, Josip Rodin wrote:
> On Wed, Mar 15, 2000 at 08:42:07AM +1100, Craig Sanders wrote:
> > this same empirical evidence has also proved that 'stable' is LESS
> > stable and reliable and secure than 'unstable'. the few debian boxes
> > which i know of that have been compromised were cracked BECAUSE they
> > were still running stable and had older versions of various programs
> > which had known security holes.
>
> Uh, which were the packages in question? Did you report it at the
> time?

no need, the holes were already well known - and fixed in unstable.

security is one of the main reasons i run unstable and upgrade regularly...script kiddies may be stupid, but they are capable of running an exploit written by someone else - so you have to keep at least a few months ahead of them.

running unstable is not a 100% guarantee of security (nothing is or can be)...however, in practice there is only a few days (at most) window of opportunity between an exploit becoming known and my servers being secured against it. all i have to do is login with ssh and run apt-get to upgrade.

craig

--
craig sanders