On Fri, Feb 18, 2005 at 03:28:11PM +0100, kurt kuene wrote: > so you think unstable with an eye on problems is still better than testing? I > don't know.
Unstable is fine if you know exactly what you're doing and can fix a broken system yourself. unstable is potentiall unstable (surprise), but more secure since security-related updates go into unstable immediately. > if only the security > team would start working *sigh*. afaik, the security team is ready, but the infrastructure is not. > >From: Marc Haber <[EMAIL PROTECTED]> > >It is better to have a broken service. If you know exactly what you're > >doing, and take a close look at changelogs, this might be a good > >option. Maybe don't track unstable closely, but only update every - > >say - two weeks, while keeping a close look at new uploads' changelogs > >to spot security issues. > > what I do no understand is why this should be more secure than > running testing? You can immediately install a package that received a security update on an unstable system. If you do the same on testing (installing a package from unstable on a testing system), you will pull in libraries from unstable, potentially introducing breakage. > so nobody here is using sarge on productive systems?? Well, I am not. > I am always told that sarge comes soon. so why use sid? if sarge is > coming soon why worry? Currently, the sarge security infrastructure is missing. Thus, you will have a mandatory delay to wait for a fixed package to migrate from unstable to testing. > apt-pining gives a false security feeling. so pining is deceptive. Well, pinning was never intended to allow mixded-distribution systems. Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
