l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Aug 17 05:02

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Password NOT stolen at linuxworld
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Password NOT stolen at linuxworld

On Monday 11 August 2003 03:39 pm, Dmitriy wrote:
> On Mon, Aug 11, 2003 at 03:00:14PM -0700, Ryan Castellucci wrote:
> > On Mon, Aug 11, 2003 at 02:16:15PM -0700, Dmitriy wrote:
> > > Testing is inherently insecure.  _Don't_ run testing on any publically
> > > accessible computers.  It doesn't get security updates.
> [snip]
> > I claim IGNORANCE!!!!
> >
> > I was not aware of this, I sure wish someone had told me. I needed newer
> > versions of several packages that were not available in stable. Would I
> > be better off running sid in the future?
> sid: stuff breaks at times, and security updates are mostly on time,
> yet there are exceptions (like bug #200736 for example).
> stable always gets timely security updates.
> I bellieve the best approach is to backport some packages from
> testing/unstable (if feasible) and run them on a stable box.

Truth be told, if you rely 100% on what's in the distro(no matter which) 
you're just asking to be burned.  What you need to do is actively pursue the 
security aspect.  Subscribe to all the mailinglists, and watch for any 
package that may be installed on your box or may be vulnerable.  Its a PITA, 
but relying on any one thing for security is just asking for it.  It only 
varies in the volume in which you are asking for it.  


Mike Wenk
vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.