[Sussex] Debian Lug - the one with the text

Geoff Teale gteale at cmedltd.com
Wed Feb 25 16:26:21 UTC 2004


On Wed, 2004-02-25 at 16:18 +0000, Steve Dobson wrote:
> Geoff / Garth / Jon
> You guys need to get a life and not sit there waiting for the next 
> posting to the SLUG list - esp when all that I did was hit the
> right key at the wrong time.

Are you sure it wasn't the wrong key at the right time?

> I just wanted to say a few things about Debian and using "apt".

*gasp* Steve talking about apt?  Really? ;-P

> If you are using Debian then you should really be running, at least,
> the latest "stable" release. It is support by the security team,
> older releases are dropped after a while.  If you don't keep up to
> date with security patches then you system is more susceptible to 
> attack.  Very important if your machine is connected to the Internet,
> and very important if it is permanently connected via one of the
> new broadband connections.

Indeed.  We find that Debian security updates are not well tested enough
and so we screen then before updating our mirror - but our operational
parameters are more heavily audited than most people would deem
necessary and ultimately it's a lot less work than managing completely
on our own... ... and no, I'm not joking.

> If you are running "stable" then this line
>    deb http://security.debian.org/ stable/updates main contrib non-free
> needs to be in your /etc/apt/sources.list file so that you do get the
> latest patches to your system from the Debian security team.
> 
> This must be done regardless of where you're getting your stable 
> packages from.  CDs go out of data very quickly.

This is good advice indeed.

> If your running "testing" or "sid" then you do not need the security
> line as it is the responsibility of the package maintainer to post updates
> to his/her package.

Moreover if you're running anything other than stable you must be
prepared for things to be broken - this applies to any distro.

<snipperoony>

-- 
Geoff Teale
Cmed Technology <gteale at cmedltd.com>
Free Software Foundation <tealeg at members.fsf.org>





More information about the Sussex mailing list