Re: security in testing
On Wed, May 14, 2003 at 05:37:51PM -0700, Keegan Quinn wrote:
> Hmm. Funny how myself and every admin I know have only very minor issues with
> running unstable. What, pray tell, makes it such an 'obvious' non-option for
> end users? Well-timed unstable snapshots are often more 'stable' than
> commercial Linux releases, in my limited experience.
As you say, mostly unstable is just fine but...
> Sure, every now and then a badly-broken package makes it in for a day or two.
> This seems to be far less harmful than the massive headache that treating
> 'testing' as a usable release seems to be causing.
...when things go wrong they can *really* go wrong. I've had my system
rendered unbootable by unstable packages before and while I've not had a
problem coping with things yet I'd not J. Random User to cope.
You'll also find that applications can be completely broken for extended
periods of time in unstable which is a tad inconvenient if you're trying
to use them (for example, gnucash has been segfaulting on startup on
PowerPC for a while now). Again, I can cope but I don't think it's a
good idea to suggest people run it without giving the matter some
thought.
One of the things that people were hoping for with testing when it was
first introduced was that the crippling bugs where thing just don't work
would get caught before things hit testing. If testing were actually
getting prompt updates most of the time that'd make it a slightly less
current alternative to unstable with much reduced risk of something
overly nasty happening.
Most of the problems that have come up (like the big holdups) weren't as
widely discussed.
--
"You grabbed my hand and we fell into it, like a daydream - or a fever."
Reply to: