Bug#362665: apt manpages should include security information
Package: apt
Version: 0.5.28.6
I think apt is central to the security of a Debian system. It is responsible
for keeping packages up-to-date -- including security vulnerabilities, and for
safely acquiring authentic versions of software. Despite this, the word
"security" does not appear in the apt(8) or apt-get(8) manual pages.
Here are some suggestions:
* there should be an apt-security(8) manual page. apt(8) and apt-get(8)
should refer to it. This manual page should discuss issues such as:
- how to get signed packages
- how to automate security updates (eg: with cron)
- the advantages/disadvantages of different approaches of the above.
For example, it should compare automatic security updates as opposed
to "apt-get dist-upgrade". It should also discuss how frequently
different types of users should set cron to update. For example,
users running services that could be infected by worms should update
more often.
* is it even possible to ask apt to apply security updates only?
(without editing /etc/apt/sources.list!) That is, something like
apt-get security-upgrade
or
apt-get dist-upgrade -t security
If it isn't, then I guess I should open another bug...
Cheers,
Andrew
(I have contact details at http://www.econ.upenn.edu/~clausen)
Reply to: