Re: problem with automatic upgrade (changed conffile)
On mandag 19 september 2005, 00:18, Hans Ekbrand wrote:
> > You must
> > expect issues like these, it is a feature... :-)
> Not getting security updates automatically installed a feature? Not
> in my world!
Well, imagine the security.debian.org box getting compromised, and the
attacker pumping out a trojanned "security" upgrade. You install it
automatically before the Debian folks take the box out. The attacker
has your IP too... That's a serious single point of failure for the
entire community, you know...
I prefer to read and understand the DSA, and check that the DSA is
signed with a key I trust (I'm just a hop from joey) before I do a
manual apt-get upgrade on affected machines.
But YMMV, that's just me.
Programmer / Astrophysicist / Ski-orienteer / Orienteer / Mountaineer
Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC