Re: [mailinglists] Re: Trusting Backports and unofficial Repositories
> > 1) Are you using unofficial repositories on production servers ?
> no, i run unstable on several dozen production servers without a problem.
> find that doing that is an excellent way of both keeping software
> and also keeping several months ahead of the script-kiddies. i upgrade,
> average, once or twice a month by first upgrading my workstation (which
> generally has the same packages as the servers for testing and
first, thank you for you long and comprehensive answer, but we wont use
we wont do for at least these two points 1) unstable packages are upgraded
often. my workstation is "testing", and i upgrade every week. there are
of packages to upgrade. of course a server will not have that much packages
but its still way to much. 2) unstable is, as the debian developers put it,
unstable. the major
point is, that you cannnot chose to have a stable packages of, lets say, gd,
but an unstable
php. if you install the unstable php with gd support it will ask for the
so many packages will be unstable.
> i really don't see the point of stable+backports - installing backports
> the original purpose of running stable, it's like saying "i'll have a
> coffee......but with a little bit of cream"*, so you may as well run
i dont think so. the purpose of debian stable is running a stable system and
do to a certain point if you run a few backported packages. of course its
not a black
coffee anymore. if you have a firewall that guards every single port and
connection that comes in you might be pretty safe. if you now open port 80
the world connect to your webserver you are not that safe as you were
before, so now
theres some cream in the coffee. but there is also an advantage: people can
to your webserver.
its the same with backports in my opinion: using a stable system has the
be stable. but for a few packages you are in the need for features. whats
putting some cream in the coffee or go for pure milk ?