Re: Security Question

On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote:
>  I have Debian installed on my home computer (3.0 stable version) I want 
> to use it to remote login in to work, however the people in charge of the 
> remote logins (IT) at my work say that Debian has lots of security holes. 

It's unfortunate that people hold such uninformed and biased opinions.
The fact is that the Debian security team coordinates security updates
with Redhat and other Linux distributors and typically releases package
updates at exactly the same time as Redhat.  Can your IT people point to
specifics, or are they just arguing based on an irrational belief?  I
find that the most common misconception is that people believe that a
company is more capable of producing secure software than a non-profit
organisation.  Perhaps that's what they're thinking.

> They also claimed that Debian isn't stable in comparison to Red Hat,
> Is Red Hat more stable? From what I have read and understand Debian is
> very stable and secure (at least it is equivalent in security and
> stability to Red Hat). Is this true?

I would actually claim that Debian is more likely to be stable.  Redhat
patches their kernel heavily.  Debian, OTOH, sticks to mostly stock
kernels with few modifications.  Since we stick to the real, officially
maintained Linux kernel source, it's more likely that our kernels
consist only of well tested code that is known to interoperate well.  I
don't think Redhat can make that claim.  Of course, this argument is
irrelevant if you build your own kernels from kernel.org under Redhat.


