Re: Security Question
On Thu, Jan 02, 2003 at 03:39:22PM -0800, John Gedeon wrote:
> I have Debian installed on my home computer (3.0 stable version) I want
> to use it to remote login in to work, however the people in charge of the
> remote logins (IT) at my work say that Debian has lots of security holes. I
> was wondering what security holes Debian may have (especially in comparison
> to Red Hat) if any. And if any of those cannot be taken care of. They also
> claimed that Debian isn't stable in comparison to Red Hat, Is Red Hat more
> stable? From what I have read and understand Debian is very stable and
> secure (at least it is equivalent in security and stability to Red Hat). Is
> this true?
It sounds like your IT people are just biased. As such, it may not be
worth your while trying to convince them. Suffice it to say that, if
Debian is less stable and secure than Red Hat, nobody's told us about
it, and when I listen in on conversations among clued-up sysadmins I
never hear such complaints. There may well be other complaints, but
stability and security aren't among them; quite the opposite, in fact.
An anecdote may serve: the Debian security team once informed me about a
security hole in one of my packages (groff), about which Red Hat had
recently issued an advisory. It turned out that the problem had been
fixed in Debian over five months beforehand, and so we had been able to
forget that the problem ever existed before they got round to fixing it.
(This is judging from my mail archives - I may be a month or two out
either way, but that's the gist.)
--
Colin Watson [cjwatson@flatline.org.uk]
Reply to: