
Re: Debian security being trashed in Linux Today comments



On Mon, 14 Jan 2002, Daniel Polombo wrote:

> Adam Warner wrote:

> Well, maybe you should follow Tim's advice and go check the security team's 
> FAQ :
> 
>    Q: How is security handled for testing and unstable?
> 
>    A: The short answer is: it's not. Testing and unstable are rapidly moving
>       targets and the security team does not have the resources needed to
>       properly support those. If you want to have a secure (and stable)
>       server you are strongly encouraged to stay with stable.
> 
> Of course, if you're using unstable, fixes tend to appear quickly, but :
> 
> - "tend to" is not acceptable when security is concerned
> - it may take a lot more time depending on your local mirror


As woody draws closer and closer to being stable, and potato draws
closer and closer to the legendary dinosaurs which roamed the earth
with regards to its outdated software, perhaps this commitment to
woody's security could be revisited. I would be surprised if a lot of
the criticism that is coming out on this issue is not related to the
fact that a lot of people have moved from potato to woody because they
cannot continue to use potato due to the requirements of certain
software or underlying libraries, and are thus burned by this security
policy.

Let's face it, potato has some ancient software that is getting
outdated, you can hardly find any software that uses db2 anymore, and
it is not trivial to backport from db3, the version of perl makes
usage and installation of anything that was done in the last 5 years
difficult... potato is great, if you want to only use the packages
which come with it, it is great as a server which doesn't need any
changes, but if you want to do anything semi-new, or outside of the
package scope, you have to move to woody, or just wait. With that
movement comes a significant loss in security policy. 

Now that woody draws near to being stable, perhaps the policy can be
altered to accommodate for that. 

Micah


