[Gllug] Installing Stuff?

Jim Bailey jim at lateral.net
Tue Dec 11 15:34:35 UTC 2001


Hi all,

this is my input if people notice glaring errors in my reasoning then 
please let me know as this stuff is quite important.

On Tuesday, December 11, 2001, at 02:07 PM, Ivan Dimitrov wrote:

> you make a habbit to check every day freshmeat.net

You also got bug-track and the various security sites to keep you updated 
with security issues.  Most applications have low traffic mailing lists to 
announce serious security issues and upgrades that way you don't get 500 
emails a day about configuration and installation issues.  Subscribe with 
a group alias to deliver them to every member of your IT team or  and 
create a separate folder in your mail client so you can see whether or not 
you have dealt with them.

Alternatively and I am not sure if this is possible with out some hacking 
but if you use something like RT, (request tracker, a free GPLed product) 
it comes with Debian and should be available for Red Hat, have the 
security and upgrade mails automatically raise a job which then need to be 
closed down.

> On Tue, 11 Dec 2001 gllug at uncertainty.org.uk wrote:
>
>>
>>
>> compliling from source is easy enough and you get full power - but you
>> have to keep track of any security issues and updates by yourself :(

this is where I find the mix and match option the best I un-comment the 
Debian security option in /etc/apt/sources.list and can run it daily this 
keeps most stuff fairly secure and up to date.  I don't think that there 
is an equivalent for Red Hat unless you pay them.
>>
>> I have yet to find a good way of keeping tabs on the latest releases of
>> source packages - subscribing to a list per package is a pian.

If you have public facing systems it is a pain you have to live with and 
it is a lot less painful than explaining to your fat meal ticket corporate 
client and the hard faced security consultant they just hired to help sue 
you, why their site has been hacked and defaced by a spotty 14 year old 
using off the shelf software.
>>
>> mind you gllug is pretty handy for keeping up to date - there is always
>> someone boasting about having just upgraded to the latest thing ;-)
>>
Peace Jim

No theory, no ready-made system, no book that has ever been written will 
save the world. I cleave to no system. I am a true seeker.
--Mikhail Bakunin



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list