Re: Unsure about security requirements for workstation/server
On Tue, 2006-01-31 at 20:03 +1100, Yasir Assam wrote:
> I know that for production servers only the Stable distribution is
> recommended and as little software as possible should be installed. But
> as a workstation, I'd like to install Unstable and a lot more software
> on it than I would on a pure server (e.g. Gnome/KDE, GIMP and loads of
> other stuff that I like to play around with).
> What should I do? Is it possible to run Unstable in a secure fashion? I
> know the security team focuses on releasing security updates to Stable
> first, but doesn't Unstable get the updates soon after?
unstable is most likely to get the updates first, if the same version is
being used, because the security team will then need to check the
changes. If it is a different version the security updates may be
irrelevant and you will depend on having problems promptly fixed by the
As a compromise, you could install testing, which will be some way
behind unstable, but somewhat less likely to contain serious problems.
For security of your internet connection, install a firewall such as
shorewall (Debian package) and configure it very restrictively.