On Mon, Apr 14, 2008 at 08:34:30PM -0400, Douglas A. Tutty wrote: > On Mon, Apr 14, 2008 at 03:09:26PM -0700, Andrew Sackville-West wrote: > > > Contrast that with sid, bug fixes happen fast. It seems, in my limited > > experience, that serious bugs that get caught in sid rapidly > > disappear, sometimes within hours. Sure there's more churn and > > potentially more opportunities for breakage, but it seems to be pretty > > short-lived. > > > > I've run sid on my desktops for about 4 years now (wow! when did that > > happen) and I can count on one hand the number of times I've had a > > serious enough breakage to cause a real problem for my work. And I can > > count on one finger the number of breakages that required real work to > > get out of (unbootable system...). > > Just remember that a serious (is there such a thing as a non-serious) > security bug doesn't usually show up as breakage.
yeah, that's a good point, thanks for mentioning it. I actually have all my public facing services on an etch box except sshd on my desktop. And that does concern me a bit, but I don't lose sleep over it. I set sshd pubkey only and run fail-2-ban with a long ban time (usually 48 hours) and I think that does it pretty well. A
signature.asc
Description: Digital signature
