On Mon, Oct 19, 1998 at 04:40:02PM -0700, Steve Lamb wrote:
> Personally, on production machines that you don't have access to easily
> enough (for me that is walking into the next room) I'd not even think of
> upgrading from a stable to a frozen. I'd just ride the stables out.
There is one thing which should be possible: keeping a debian box at least
secure against attacks. When a security problem is published, there must
be a quick fix somewhere, and easily to download. It seems to me that
stable is taken a bit too much like 'not changing' than 'not crashing' or
'not vulnerable'... I may be wrong and even paranoid, but I would feel
more secure when using unstable when it is at least frozen. I did not do
it, however, and with your sysklogd-problems i seem to be right.
But, what is the policy with security holes? are they fixed immediately in
stable, or will they come in an upgrade dir, like I saw with
'bo-upgrades'? I heard rumors that cd vendors are against every change in
stable, which is understandable. Maybe it will get better with apt?
Or can I feel secure by using stable?
Gruss
--
Lukas Eppler (godot)
http://www.fear.ch
telnet://soil.fear.ch:3333
talk:[EMAIL PROTECTED]
