On 2023-05-12 09:53:15 -0700 (-0700), Jeffrey Chimene wrote: [...] > Agreed. Actually, ossec itself has a debian package, so no ITP for > me :). It made my work significantly easier since the regex > package (pcre2) isn't part of the distro; the absence has a > reason, but it's still an impediment that ossec itself has > addressed with their .deb I'm not sure that official Debian documentation, particularly security-focused documentation, should recommend that sysadmins install packages from third party archives. That'll be up to the maintainers of the documentation to decide, of course. But beyond that... > wget -q -O - https://updates.atomicorp.com/installers/atomic | sudo bash [...] There's a bit of irony in suggesting that security-conscious sysadmins should download and run arbitrary scripts, much less with root privileges. `curl|sudo bash` has virtually become a meme unto itself these days. -- Jeremy Stanley
Attachment:
signature.asc
Description: PGP signature