[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[backports & security]


I'm about to install sarge on a (production) server of my own, and
would rather like to have the latest versions of:
  * mysql (5.0)
  * vim (7.0)
  * the Linux kernel (2.6.16) [ppc]

Since these are not in sarge, I'm considering using backported
versions from backports.org.  I was however unable to find much
information on the effect on security of using backports.org.  Since
this server will expose several services to the internet (apache,
subversion, mysql), I want to make sure that it is, and stays, secure.

So these are my questions:
  * Are you using unofficial repositories (e.g. backports.org) on
    production servers ?
  * Do you (and can I) trust backports.org ?
  * Also, since even backports.org does not seem to have vim 7.0 and
    kernel 2.6.16 (yet), what would be the best way/place to get these
    from ?  Should I (try to) backport them myself ?

Other suggestions & remarks are welcome.


- Felix

Felix C. Stegerman <flx@obfusk.net>                  http://obfusk.net
~ "Any sufficiently advanced bug is indistinguishable from a feature."
~   -- R. Kulawiec
~ vim: set ft=mail tw=70 sw=2 sts=2 et:

Attachment: pgppafmCB92kY.pgp
Description: PGP signature

Reply to: