> If you're satisfied with the existing feature set, are new features > really anywhere near as important as security fixes? Particularly > when it comes to production servers?
New features aren't important at all. It is all about maintaining the current state of a server while keeping it secure on a hostile network. And with the least amount of effort, where security updates do not break anything... > No kidding. There's one person on the Portland Linux User's Group > mailing list saying he's just has his up-to-date Red Hat server > compromised as many times as the Windows server it's replacing. That > just has to be exasperating for him! RedHat has been a frustrating experience. I put a lot of effort into building a few rpms for RedHat 7.1 that met some very specific needs. Also created a kickstart CD that loaded 'my' version of RedHat 7.1 onto headless servers without user intervention. When the CD popped out the box was accessible via ssh on the local network. So RedHat pumped out a bunch of releases in fairly quick succession. RedHat 8 was never fit for production use, IMHO. When RedHat 9 was released I was still deploying new servers using RedHat 7.2. Then updates for anything but RedHat Enterprise Linux quickly vanished. My BIG issue is the short lived support in terms of security updates. Having to reinstall a server after 18 month is totally unacceptable. > Not long after the next Stable happens, because it's not hard to > upgrade in Debian. 18 months seems about average, IIRC. This means that for longest possible support I should be looking at deploying Sarge, not Woody. How timely are security issues addressed in a Sarge? Adi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
