
Re: The nature of unstable (was: Danger Will Robinson! Danger!)



On Tue, Mar 14, 2000 at 11:02:20PM +0100, Josip Rodin wrote:
> On Wed, Mar 15, 2000 at 08:42:07AM +1100, Craig Sanders wrote:
> > this same empirical evidence has also proved that 'stable' is LESS
> > stable and reliable and secure than 'unstable'. the few debian boxes
> > which i know of that have been compromised were cracked BECAUSE they
> > were still running stable and had older versions of various programs
> > which had known security holes.
>
> Uh, which were the packages in question? Did you report it at the
> time?

no need, the holes were already well known - and fixed in unstable.

security is one of the main reasons i run unstable and upgrade
regularly...script kiddies may be stupid, but they are capable of
running an exploit written by someone else - so you have to keep at
least a few months ahead of them.

running unstable is not a 100% guarantee of security (nothing is or can
be)...however, in practice there is only a few days (at most) window
of opportunity between an exploit becoming known and my servers being
secured against it. all i have to do is login with ssh and run apt-get
to upgrade.

craig

--
craig sanders

