
Re: Proposed automatic update of packages in default GCE image; was "Re: Updating images on GCE to address CVE-2014-0160"



Greetings

On 2014-04-11 11:43:45, Matt Alexander wrote:
> To clarify for Debian on GCE, we'd like to have only *security*
> updates enabled by default (the case when installing the
> unattended-upgrades package), with information in motd and documented
> elsewhere so that admins that don't want security updates can disable
> them.

As explained before, no updates are automated in Debian except those switched
on by sysadmins themselves. We should stick to what is the default in the
official Debian image.

> There's no perfect solution here since there's always the potential
> that a security patch could break something for users.  However, I
> believe there's a "greater good" argument to be made for keeping users
> more secure by default at the expense of the rare failure.

Why are you trying to suggest that sysadmins are not capable of caring for it
on their own? Managing automated changes in Debian is not complicated, but it
should be left to the local admin.

>  Having
> automatic security updates becomes even more important in the Cloud
> scenario where users pay much less attention to the OS layer than a
> typical sysadmin might that's running Debian servers at their company.

I won't agree with that, but if they don't pay attention to the servers they are
responsible for, sorry, but it's not our problem but theirs, and they should
change their mindset. All systems need care, because 'cookies need love'.

> For the case of "I don't want my MySQL service restarting without my
> knowledge", it's easy for an admin to add MySQL to the
> Unattended-Upgrade::Package-Blacklist section of
> /etc/apt/apt.conf.d/50unattended-upgrades, for example.

It's easy to set up automated security upgrades too, and from my experience
opt-in is in many border cases a much better solution than opt-out, especially
when you're not in a position to forecast what problems it may cause on highly
customised systems.

> It'd be great to see Debian lead the way among distros of changing the
> default expectation to "I get security updates automatically and
> therefore don't have to spend time worrying about tracking and
> applying security patches for my apps".  I don't see this as "trying
> to think for our users", but more about making their OS easier to
> manage and staying secure by default.

As I wrote above, I won't agree with this point of view, for many reasons. For
me it'll create more problems, especially on systems loaded 24/7.

I can agree that opt-out and opt-in are similarly easy to set up, but the
consequences of those two approaches are very different on production systems,
and in my opinion it's better to be safe (spend a bit more time applying
updates) than sorry when a 12h-running DB query for the CEO's report fails
because of it and the board meeting is in 4h.
-- 

|_|0|_|                                          |
|_|_|0|         "Heghlu'Meh QaQ jajVam"          |
|0|0|0|         -------- kuLa ---------          |

gpg --keyserver pgp.mit.edu --recv-keys 0x58C338B3
3DF1 A4DF C732 4688 38BC F121 6869 30DD  58C3 38B3
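
The unattended-upgrades configuration the thread argues about (security-only
origins plus the Package-Blacklist entry for MySQL mentioned in the quoted
mail), written out as an added example; it is not taken from either
correspondent's message or from the GCE image. The "mysql-server" and
"linux-image" entries and the Origins-Pattern line are assumptions for
illustration, and the exact origin string differs between Debian releases:

```conf
// /etc/apt/apt.conf.d/20auto-upgrades
// Added example. This is the opt-in switch: with these two lines absent,
// unattended-upgrades is installed but never runs.
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";

// /etc/apt/apt.conf.d/50unattended-upgrades
// Only pull packages from the Debian security archive, nothing from the
// plain stable suite. The origin/label values are release dependent;
// confirm them on the box with: apt-cache policy <package>
Unattended-Upgrade::Origins-Pattern {
        "origin=Debian,codename=${distro_codename},label=Debian-Security";
};

// Python regular expressions matched against package names. Anything that
// matches is never touched automatically, which is the "don't restart my
// MySQL behind my back" case from the quoted mail. "linux-image" is an
// assumed extra entry to keep kernel updates manual as well.
Unattended-Upgrade::Package-Blacklist {
        "mysql-server";
        "linux-image";
};

// Never reboot on its own; leave that decision to the local admin.
Unattended-Upgrade::Automatic-Reboot "false";
```

Before trusting it on a production host, run `unattended-upgrade --dry-run
--debug` and read which packages it would install and which it skipped because
of the blacklist. Note the caveat the blacklist does not cover: it matches
package names only, so a security update to a shared library that mysql-server
depends on is still installed, and the running server keeps the old code mapped
until someone restarts it. The blacklist narrows the restart concern; it does
not remove the need to look at what was applied.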
