Re: Security updates
On Fri, Oct 03, 2003 at 09:39:54AM +0200, Daniel J. Priem wrote:
> 1. choice
>
> everytime where a new busybox | xserver_something | another package
> due to security reasons is released
> LTSP also needs and gets an secupdate
>
> 2. choice
>
> or having something like
>
> build_rootfs.sh readconf /etc/ltsp/rootfs.conf --update rootfs
>
> So that no secupdate is required.
>
>
>
> I prefer choice 1
>
> Pro: a) apt-get update && apt-get upgrade will fix everything
> b) no extra systemadministrator work is needed
>
> Contra : a) for every sec hole in any xserver the ltsp package also
> needs an sec update (bad for the secadvisory team ?)
Although I'm not a member of the security team, I'm fairly certain they
will not be in the least happy about this option. The security team have
enough to do without trying to keep track of random other packages that
need to be updated every time they do an advisory.
I'd suggest finding any other option.
> b) i have more work to always have the package up to date (for me not
> bad)
Some day you might be busy or away from your computer when a security
update to xfree86 is released. For people running testing, xfree86 and
LTSP won't propagate into testing at the same time, and so on. You need
to plan for these kinds of things.
Cheers,
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: