[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: What is best practice for managing sources.list for security and stability?

john <lists.john@gmail.com> writes:

> deb http://security.debian.org/ etch/updates main contrib
> deb-src http://security.debian.org/ etch/updates main contrib
>
> The recent key-change forced me to use the main stable repos to get
> the new keys (e.g apt-get install debian-archive-keyring )
> .  and got me thinking...
>
> Is the approach I outlined the "best" way to maintain the security and
> stability of these box's or should I really be using the main
> repositories as well?

We've never had any trouble using the main repositories as well.  You
get some additional more minor security bug fixes (DoS bugs, crashers,
and similar things) that way, the amount of change isn't much higher,
the stability for us has been fully as good as the security updates in
practice, and periodically there are things like the archive key change
that go into point releases that you want.

-- 
Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>
Reply to: