Focus on Linux
Re: Vulnerability and Patch-Management in Linux (and other Unix) Jun 20 2008 04:57PM
Rainer Duffner (rainer ultra-secure de) (1 replies)
Re: Vulnerability and Patch-Management in Linux (and other Unix) Jun 24 2008 05:57AM
Kosala Atapattu (kosala atapattu gmail com)
>> For debian/ubuntu just a simple cure:
>> cron-apt - automatic update of packages using apt-get
>
> Well, the point is: we don't want to have automatic updates.
> I'd rather like to be able to answer questions like "Which of my Linux-boxes
> actually does have that stupid privilege escalation bug?"
>
> We have to plan updates very carefully, as not to break customer-applications (we do managed hosting).
> In theory, a yum update shouldn't create a API/ABI breakage - but "In theory, this shouldn't have happened" is a bad excuse to give to the customer...

Completely agree with you on this. And I would like to add something
related, I do not think it's a good approach to update every single
piece of software on a production system, just because there is a new
version. For example I would not update a NTP client if I'm not using
it withing any of my applications.

--
Kosala
--------------------------------------------
Disclaimer: Views expressed in this mail are my personal views and
they would not reflect views of the employer.
--------------------------------------------
blog.kosala.net
www.linux.lk/~kosala/
www.kosala.net

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus