Re: APT 0.7 for sid
On Fri, Jun 08, 2007 at 01:01:18PM +0200, Gabor Gombas wrote:
> On Fri, Jun 08, 2007 at 11:36:57AM +0100, Luis Matos wrote:
>
> > i have 2 servers that i only login for apt-get update && apt-get upgrade
> > -y, they are running sarge (yet) and only install security upgrades.
> >
> > These 2 server will not be put in danger by making the update && upgrade
> > in an autonomous way.
>
> IIRC a security update in sarge changed sudo's behaviour and that broke
> many local scripts. We decided that the security threat addressed by the
> update was basically zero and went back to the old version - finding &
> fixing all the broken scripts was simply not worth the effort.
>
> So an automatic security update _can_ break a working server.
Yes, of course. *Any* change to the software might break a working
system, either because it introduces or uncovers bugs, or because it
changes something a script or third-party app relies on.
Perhaps an automatic security update system could make use of additional
info (local or remote exploit, etc) to offer more control over the
balance of risks.
Would such a system have saved you from unnecessary automated breakage ?
Regards,
Paddy
--
To UNSUBSCRIBE, email to debian-devel-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: