vulnerability of Linux

Rodolfo Alcazar rodolfo.alcazar at padep.org.bo
Mon Nov 28 20:29:17 UTC 2005 

On Mon, 2005-11-28 at 21:18 +0800, John Summerfied wrote:
> Rudolf Kastl wrote:
> >>>- Have updated systems! update your system daily. Yum must program your
> >>>yum or apt updates to run at least daily.
> >>
> >>That is plain stupidity. It is worse than securing your system sensibly
> >>and applying _no_ updates.
> > 
> > no its not. if thats your policy fine. it shouldnt be an end users
> > policy though.
> > 
> Justify yourr assertion: I gave reasons for mine.

- Checking every update (extensely as you require) implies a really high
cost, a lot of resources. If you can afford that, really its fine for
you, but a common enterprise cant. 

- Server-side applications are highly mature.

- Fedora (and debian in my case) releases high-tested new versions you
can trust on. And consider Fedora have a bleeding edge-releasing
philosophy. Debian is more conservative.

- Any failing update can be reversed. I had this case only once since
september 2003, with 5 fedora servers. The downtime was about 1 hr and
was caused by perl on squirrelmail. I waited til next perl version and
all worked fine. Important: store past rpm and apt files.

> >>If you blindly apply updates as they appear, you will get a broken
> >>system, nothing surer.

Thats highly subjective ("nothing surer"???). Gnome applications has the
higher fail-task (i think), and I apply updates daily on my local PC.
Works really fine since a year ago. Couple of years ago, some apps,
including evolution failed occassionally, but now thats history.

> > end users have no clue and thus cant select what they need. actually
> > with only backported fixes nothing should break with tested updates.
> 
> If users want that kind of support they better pay for it. Fedora Core 3 
> did in fact break just as I said, with USB not working, at least on 
> certain laptops.

Cheers!

--
Rodolfo Alcazar - rodolfo.alcazar at padep.org.bo
Netzmanager Padep, GTZ
591-70656800, -22417628, LA PAZ, BOLIVIA
http://otbits.blogspot.com
--
When you finally buy enough memory, you will not have enough disk space.

More information about the fedora-list mailing list