[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: http://www.linux.org.il/ rants
Difference between RedHat and Debian update systems are not really
technological. At least not the important details. I think redhat's
system is a bit better technologically wise, BTW.
The problem is that you cannot leave your system to automatically run
up2date, and be sure everything is ok. I have had a system become really
really unstable as a result of running up2date regularily on it (RedHat
7.1, not server).
On the other hand, I have a system running Debian Potato, and doing
apt-get dist-upgrade to keep it up to date, and while updates are very
scarce, I have yet to see a security problem go unpatched for more than
a few days, and no noticable ill effects (as well as using the same
mechanism at home for desktop computers).
So, while redhat's up2date may be slightly supirior technologically wise
(and I am not even sure about that - you are sending your entire
system's config for safe-keeping on RedHat's systems), Debian careful
updates policy is unmatched. Only flaw I found was that their habbit of
backporting security patches means that security scanners give false
positives.
Shachar
Oleg Goldshmidt wrote:
>Yotam Rubin <yotam@makif.omer.k12.il> writes:
>
>>On Sun, Dec 23, 2001 at 09:42:48AM +0200, mulix wrote:
>>
>>>On Sun, 23 Dec 2001, Shachar Shemesh wrote:
>>>
>>>>Actually, I'm going over BugTraq daily anyways. What system is Iglu
>>>>running anyway? RedHat?
>>>>
>>>redhat 6.2.
>>>
>>>that would mean the initial update to bring it up to date will be rather
>>>massive, unless someone's been taking care of it in the meantime?
>>>
>>Once crucially important update is ssh, whose version on iglu.org.il appears
>>to be vulnerable to the CRC compensation bug, which may grant arbitrary
>>access to attackers. You can try and convert that Redhat box to Debian,
>>which will ease the strain of constantly monitoring updates and allow trivial
>>upgradability. If I can assist you in any way, please tell me.
>>
>> Regards, Yotam Rubin
>>
>
>That's rather shameless ;-) [ note the smiley! ] Red Hat have their
>own upgrade system, RHNetwork, and IIRC one system can be kept up2date
>free of charge.
>
>In any case, RH issue updates for RH6.2, and updating ssh or any
>number of packages does not strictly mandate changing the distribution.
>
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il