[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: upgrading to MySQL 4 on woody

Sorry, I forget sometimes that security is different for different installations. Yes, it
would be an issue in a cs department at a college :) I remember when . . .

In my case, db access is limited to the web server, via cgi scripts I write or are relatively
easy to keep patched. And, there are at most a half dozen accounts with shell access . . .
everyone else has a shell of /bin/false. If I am living in a fantasy land thinking that gives
me a little leeway, please tell me (God, I know what I've let myself in for here).


BTW, I know what you mean about someone attempting cracks. Turned ProFTP on one of my servers
at a clients request. Several dozen attempts at a login within the first 24 hours. I hadn't
even told the client it was on yet!


> Rod Rodolico said:
>> Becoming a firm believer that you CAN have it all, stability and the
>> latest packages :)
>> There are other places to get backports, BTW. This one works for me.
> Rod,
> Yes I agree with your statements.
> Thanks for the link I'll use it on one of my systems...
> But you don't explicitly have security, you have the testing delay for
> security updates, combined with the propagation time to backports from
> testing.
> I'm still leery of using testing for any publicly exposed service, or for
> machines with shell access.
> I have at most a week from a known kernel exploit to when one of my users
> tries to exploit via shell access.
> --Luke CS Sysadmin, Montana State University-Bozeman
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Media Ethics is an oxymoron, much like Jumbo Shrimp and Microsoft Works. Not to mention NT

Reply to: