On Mon, Sep 19, 2005 at 12:29:38AM +0200, Kjetil Kjernsmo wrote: > On mandag 19 september 2005, 00:18, Hans Ekbrand wrote: > > > You must > > > expect issues like these, it is a feature... :-) > > > > Not getting security updates automatically installed a feature? Not > > in my world! > > Well, imagine the security.debian.org box getting compromised, and the > attacker pumping out a trojanned "security" upgrade. You install it > automatically before the Debian folks take the box out. The attacker > has your IP too... That's a serious single point of failure for the > entire community, you know... That's a interesting point, but not relevant in the current discussion. Note that I do get automatic security updates on all packages in which I have not changed any conffile. If it were a feature not to get automatic installing of security updates, then that would be some kind of bug, don't you think. My question is: "How do I do to get automatic security updates also for packages that I have changed a conffile in?" > I prefer to read and understand the DSA, and check that the DSA is > signed with a key I trust (I'm just a hop from joey) before I do a > manual apt-get upgrade on affected machines. > > But YMMV, that's just me. I understand the risk of automating security upgrades, but I consider relying on installing security updates by hand to be worse, since I don't think I will have the time (or opportunity) to keep up with the security updates. -- Note that I use Debian version 3.1 Linux emac140 2.6.8-2-686 #1 Mon Jan 24 03:58:38 EST 2005 i686 GNU/Linux Hans Ekbrand (http://sociologi.cjb.net) <hans@sociologi.cjb.net> A. Because it breaks the logical sequence of discussion Q. Why is top posting bad?
Attachment:
signature.asc
Description: Digital signature