Re: Bad press related to (missing) Debian security
Adam Majer <adamm@zombino.com> wrote:
> Jan Lühr wrote:
>> In it's last one to two years Woody was starving out of security
>> updates. (Samba, Mozilla, Kernel, etc.).
> These are much less of a problem since they deal with either Intranet
> only applications (Samba),
"Intranet" is not a synonym for "trusted network".
> client side applications (mozilla)
Having one's workstation compromised (e.g. due to some vulnerability of
Mozilla) is a serious thing. There might be confidential data (e.g.
private e-mails) stored on it and in many cases it makes compromising a
server much easier as well (e.g. by logging SSH passwords or stealing
private SSH keys and their passphrases).
> or the kernel that one usually rolls their own for their servers.
If the kernel images provided by Debian (stable) are to be considered
insecure that fact should be stated in clear and simple words where it
will most definitely be recognized by all of its users.
Paul
Reply to: