Re: QUantifiable reasons to use debian instead of redhat...?
>What I need is a lists of reasons, logical supportable reasons, that I
could
>use to convice a change of standardization. Quite literally, this will
decide
>what the next 50-100 systems will look like. DO they run Redhat or
Debian...
How's this one: We recently had a rash of intrusions on several Linux boxes
here on our campus. Of the ones I've been told about, all of them were
RedHat or derivatives thereof. None of mine seem to have been broken into.
Mine are all Debian.
Now, we can go back and forth all day about why. In this case, however, I
think the particular saving grace is Debian's "dselect" utility.
You see, all of the intrusions seem to have been made via a hole in the IMAP
server. This hole was patched some time ago, and was available in compiled
form, I'm sure, for Debian and RedHat. However, dselect lets a Debian user
say "Go get me the latest versions of everything I've got installed". I
don't know if there's a package like this for RedHat. I haven't found it
yet. I don't expect there to be one, since it would make it harder for
RedHat to sell upgrades if you could "Click here to automatically upgrade to
the latest version". So, for RedHat... the commercial entity, there's a
dis-incentive for them to provide such a tool. A few people have told me you
just have to keep an eye on their errata page.
Now, being on the bleeding edge has its drawbacks. My co-workers sometimes
get on my case for always upgrading to the latest stuff in "unstable".
However, I prefer the occasional broken install to an outright security
hole. I *can* say this.... since these IMAP breakins... nobody's been
complaining to me about how often I upgrade the packages.
- Joe
Reply to: