[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: security in testing

On Wed, May 14, 2003 at 05:37:51PM -0700, Keegan Quinn wrote:
> Sure, every now and then a badly-broken package makes it in for a
> day or two.  This seems to be far less harmful than the massive
> headache that treating 'testing' as a usable release seems to be
> causing.

Something that would make unstable much more useful is if dpkg had a
reliable "undo" capability.  It's.... unpleasant.... when you update a
broken package, and large number of packages break, and you can't
necessarily find a copy of the older, non-broken version of the
package to re-install.  If you're not a developer, you don't have
access to archives, so your choice is to either go back to the stable
or testing version of the package, or try to find a mirror that still
has the n-1 release of the unstable package.

So simply making it easier for people to get a previous version of a
package when the current version in unstable is borked would probably
take away many of the reasons why people might want to use "testing"
instead of "unstable".

The harder disaster scenario to deal with is when after an update,
your system is so totally borked that recovering requires use of a
rescue disk, or other manual interventions.  As I mentioned, there was
a time some years ago, when I was first getting involved with Debian,
where broken perl uploads (which broke dpkg so it was painful to back
out of such a situation), and broken lilo uploads.  Both were screwing
up my system to such an extent that I was spending far more time than
I liked doing manual wizardry just to get my system back to a
recoverable state.

At the time, when I whined and complained, the response I was given
from my Debian mentors at time was to use the testing distribution
instead.  (I was also told, jokingly, that the all of the LILO
breakages was because the lilo maintainer was really a secret GRUB
supporter, and was breaking LILO just to get people to convert over to
GRUB, and that I should just get with the program and switch over to
GRUB.  :-)  

But now people are saying that using testing is a bad thing.  Part of
the problem is that different people have very different ideas about
exactly what testing is useful for.

>Hmm.  Funny how myself and every admin I know have only very minor issues with
>running unstable.  What, pray tell, makes it such an 'obvious' non-option for
>end users?  Well-timed unstable snapshots are often more 'stable' than
>commercial Linux releases, in my limited experience.

Clearly you didn't use unstable when I did several years ago, or
you're just remembering those days through rose-colored glasses.  :-)

But seriously, if the right answer is that people just shouldn't be
using testing, we should say that, in big letters.  And then perhaps
there ought to be tools that make it easier for someone to get their
system functioning again after an unstable package update leaves them
screwed over.  Ideally, that should never happen, but hey, people make
mistakes.  We just need a way to make sure that such mistakes are

						- Ted

Reply to: