[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: yum plugin suggestion or yum change?

On 12/5/05, Thomas M Steenholdt <tmus tmus dk> wrote:
> I guess that an important point is that one failing security update does
> not make up for the rest of the equally important security updates not
> getting installed.

who says they other updates are security... or that the other updates
are equally important?  The tools has absolutely no information by
which to make any relative judgement at all.

> If we have 10 security updates and one of these are failing. Wouldn't we
> be better off installing the 9 that don't have any problems.
> certainly the way I see it. The error should be equally noisy, but
> whatever can be updated without problems, really should be.

This leads directly to a false sense of security.
9 updates out of 10, does not mean you are 90% secure.

Are you telling me that you are going to spend an equal amount of time
following up on the errors from partial updates than you do from an
update that fails to happen at all?

> I can't think of any reason not to want this. We're not talking about
> working around any important stability measure. We're talking about
> letting good updates through. If one update is misbehaving, it's
> excluded during this run. that's it.

And the next run, and the next run, and the next run.....
You are building a system which encourages people to ignore the
problem, instead of investigating and resolving the problem.  Let me
put on my mind-reading helmet that looks into the future... all the
way to the year 2000{tm}.

"Why should I bother reporting the partial failure, I'm sure other
people are using the exact same mix of packages from the exact same
mix of repos that I have and have reported the issue... no need for me
to spend time figuring this out"

"I'm getting 90% of the updates I should be quite safe...I'm sure if
it was an important security issue they'd fix it asap no need for me
to report it...."

-jef"we have absolutely no valid mechanism on the client side to
determine if an update is a security update or not...asking tools to
make a judgement and and to be more noisy for some failed updates is
asking for just more noise"spaleta

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]