Re: Bastille linux : secure linux distribution
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, 04 Jun 1999 Raphael Hertzog wrote:
> Le Thu, Jun 03, 1999 at 07:51:55PM -0400, Branden Robinson écrivait:
> > Debian *CAN* support multiple patches per package *IF* the maintainer
> > chooses to do things that way. My proof?
> >
> > apt-get source xfree86-1
> >
> > (This implementation of source handling is thanks to Adam Heath.)
>
> I'll mail him. :-)
That's interesting. I did not know that Debian source packages can handle this,
because MANY people wrote in MANY documents that exactly this was an advantage
of the RPM source packages.
But now, with the proof in my (your) hands......
> > That leaves us with point 6, which is a vigorous topic of discussion among
> > the Debian developers. Wonder of wonders, people are even coming up with
> > CODE to implement it.
>
> Yes but we're still far away from an automatic installation...
True, and one point that I encourage ALL people with some free time (are there
any :-) ) to work on this topic if they are interested in it. I am in desperate
need of such a feature and I think Debian will look a lot more professional
with this little enhancement.
> > It doesn't look like they've taken a very close look at Debian atall,
> > since half their list of reasons are blatant falsehoods, and an additional
> > third are not even criteria based on technical merit.
I took a very close look on Debian and on RedHat. As I used Debian before I did
the comparison, I tried to find some reasons NOT to use RedHat. However, the
first conclusion was that RedHat indeed was better for mass-installations as I
am planning and for custom, specialied distributions.
Then, when I looked at the internals of the package management system, I
finally decided to use Debian for my security-related packages. The Debian
system is bullet-proof for daily use and for updates of a running system. I
tried to upgrade RedHat packages (distribution-critical) and ran into trouble
(maybe I made a few mistakes - I did never use RedHat over a longer period of
time). But on the Debian side: ysterday I upgraded my development system from
slink to potato during working on it and it worked without any problem.
The second reason for using Debian is APT - a wonderful tool.
Another one was the Debian bug tracking system. It allows us to react to
security-related bugs very quickly
And finally: the open development model is just perfect for building upon it.
<snip>
> And I've read (I can't remember where) that the 'as-yet-unnamed' distrib
> will be based on Debian. But I may be wrong. >
Out distribution will be also be based on Debian, because of the reasons
mentioned above. It is now in development (packages) and I am trying to figure
out how to change to Debian installer to only use the packages I tell it to and
not to ask a few questions that are pointless for out distribution. I will also
created customized CD's, when I find out how.
I thought that might interest a few people. New distributions are not only
based on RedHat.
Rene
--
------------------------------------------------------------------------------
Rene Mayrhofer, ViaNova KEG NIC-HDL: RM1677-RIPE
Email: rmayr@vianova.at Snail: Penz 217, A-4441 Behamberg
PGP(DSS): E661 2E45 9B7F B239 D422 0A90 A4C2 DA09 F72F 6EC5
PGP(D/H): B77F 51A8 B046 87A6 4D61 2C5D 742F F433 6732 E4DC
PGP(RSA): 5D D4 FD A6 CE AF 4B 82 67 7F 59 89 58 CA 61 0D
GPG: 5E50 BDA0 E0B7 75A7 08AA 1123 0A4C 9474 CAA2 658B
------------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
MessageID: 0lEChwrizqhzmbVnuoD48GiiUqM4Ii9o
iQEVAwUBN1efuzUZOr/Z+6dLAQFQIwgAgeldDsdjRogh+nuy9KT/1xax62Hhn9Ny
215KpCA0wosF8zDWfCLVvy+UC0i87Mi2MyomB4JeCA9a1YlnxW7Ewykhi0VD2HBd
wwFmBB5oijidiFUhtldLMSRuDasTF4uEWJGL8jks6aBdwJXWQeTlChWcEvTfBTJX
xcse1vSaGiqQeu+HqybAAsWmavljCuuQw7v8g+RkYHqnFTJmFUVjjRdSPQySf9nl
vIZgxzBIjsYd5/qvfSY8LeEGcGvGhVjEK5VCXtXOU0m9vEo/KDsVLJZPD9iwBfM+
sMRs2PzbKRtrmNAE7MO5xomIPVdxmuFJgQCQOMRCvNJarEIcASgS0w==
=6npG
-----END PGP SIGNATURE-----
Reply to: