[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Food for thought - SECURITY (design flaw?)



>>>>> "Laz" == Lazarus Long <lazarus@overdue.dhis.net> writes:

    Laz> Something seems "not quite right" with choosing
    Laz> woody/testing, as "safer" than sid.

I was under the impression that woody was safer than sid from a
"apt-get upgrade won't crash my system" point of view rather than from
a security perspective.  If you want security, stick with potato.
Bleeding-edge software (or near bleeding-edge software) rarely can
give you the kind of security assurance that you need if you put a
security.debian.org line in your /etc/apt/sources.list.

OTOH, there is some software in potato which is quite old (such as
OpenSSH, as the recent bug showed).  But the security team did a
wonderful job in backporting the spatch.

Bye,

Andrea Glorioso
-- 
Non e' abbastanza fare dei passi che un giorno ci porteranno ad uno
scopo, ogni passo deve essere lui stesso uno scopo, nello stesso
tempo in cui ci porta avanti.

Attachment: pgpgHUxbAr9la.pgp
Description: PGP signature


Reply to: