Re: can an 'unstable' system be made secure?

[Bernd Eckenfels <lists@lina.inka.de>]

On Thu, May 27, 2004 at 07:55:13PM +1000, James Sinnamon wrote:
> So, can I expect to be able to make my 'unstable' system secure 
> if I am prepared to be vigilant and put in the extra effort, or is it a 
> lost cause?

Well, it can be done, if you track the inofficial and offical exploit lists,
annd be prepared to invest forward-porting time yourself.

However, you should perhaps start  with describing, what the reason is, for
using unstable. Usually it is enough to put unstable in deb-src apt.sources
and then use 'apt-get source "<package>" ; cd package* ; debian/rules
binary' to have that new version working on stable or tesing. 

Another option would be to go with a security enhanced debian derivate or
one of the smaller appliance distributions. It realy depends on what are you
planning.

Personally I think even tracking unstable on a firewall is a pain in the
ass, if this is used in production environemnt.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Mörscher_Strasse_8.76185Karlsruhe.de --
 ( .. )      ecki@{inka.de,linux.de,debian.org}  http://www.eckes.org/
  o--o     1024D/E383CD7E  eckes@IRCNet  v:+497211603874  f:+497211603875
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!