Re: [mailinglists] Re: Trusting Backports and unofficial Repositories

To: "Craig Sanders" <cas@taz.net.au>
Cc: <debian-isp@lists.debian.org>
Subject: Re: [mailinglists] Re: Trusting Backports and unofficial Repositories
From: "Philipp" <mailinglists@oberberg.net>
Date: Tue, 20 Jul 2004 09:41:54 +0200
Message-id: <[🔎] 05eb01c46e2d$0765eb00$1502a8c0@PHILIPP>
References: <[🔎] 02df01c46cb9$48134af0$1502a8c0@PHILIPP> <[🔎] 20040720001044.GA22334@taz.net.au>

Hi Craig,

> > 1) Are you using unofficial repositories on production servers ?
>
> no, i run unstable on several dozen production servers without a problem.
i
> find that doing that is an excellent way of both keeping software
up-to-date
> and also keeping several months ahead of the script-kiddies.  i upgrade,
on
> average, once or twice a month by first upgrading my workstation (which
> generally has the same packages as the servers for testing and
development)

[...]

first, thank you for you long and comprehensive answer, but we wont use
unstable.
we wont do for at least these two points 1) unstable packages are upgraded
_very_
often. my workstation is "testing", and i upgrade every week. there are
always plenty
of packages to upgrade. of course a server will not have that much packages
installed,
but its still way to much. 2) unstable is, as the debian developers put it,
unstable. the major
point is, that you cannnot chose to have a stable packages of, lets say, gd,
but an unstable
php. if you install the unstable php with gd support it will ask for the
depended gd-version.
so many packages will be unstable.

> i really don't see the point of stable+backports - installing backports
defeats
> the original purpose of running stable, it's like saying "i'll have a
black
> coffee......but with a little bit of cream"*, so you may as well run
unstable.

i dont think so. the purpose of debian stable is running a stable system and
you still
do to a certain point if you run a few backported packages. of course its
not a black
coffee anymore. if you have a firewall that guards every single port and
denies every
connection that comes in you might be pretty safe. if you now open port 80
to make
the world connect to your webserver you are not that safe as you were
before, so now
theres some cream in the coffee. but there is also an advantage: people can
connect
to your webserver.

its the same with backports in my opinion: using a stable system has the
advantage to
be stable. but for a few packages you are in the need for features. whats
better now:
putting some cream in the coffee or go for pure milk ?


Regards,
Philipp

Reply to:

Follow-Ups:
- Re: [mailinglists] Re: Trusting Backports and unofficial Repositories
  - From: Craig Sanders <cas@taz.net.au>

References:
- Trusting Backports and unofficial Repositories
  - From: "Philipp" <mailinglists@oberberg.net>
- Re: Trusting Backports and unofficial Repositories
  - From: Craig Sanders <cas@taz.net.au>

Prev by Date: Re: max requests a celeron web server can handle
Next by Date: Re: max requests a celeron web server can handle
Previous by thread: Re: Trusting Backports and unofficial Repositories
Next by thread: Re: [mailinglists] Re: Trusting Backports and unofficial Repositories
Index(es):
- Date
- Thread