On Thu, Feb 01, 2018 at 11:53:36AM +0000, Michael Fothergill wrote:
> Thus for anyone in the entire world who is new to linux,the most
> efficient route at present could well be to install Fedora and be
> stable and spectre protected out of the box rather than taking on
> the indefatigable odyssey of installing Debian and waiting for
> Debian security team to find solutions at whatever pace is
> possible given the way the distro is currenty set up.

"The way the distro is [currently] set up" is that the upstream
Linux kernel project will provide backports to long term supported
kernel versions and these will get folded into Debian stable as a
security update. What you call an "indefatigable odyssey" will for
the average Debian user be an unremarkable kernel upgrade. And there
will hopefully be minimal breakage because a lot of people will have
tested it first.

You appear to have a level of paranoia that requires you to build
the latest kernel release with the latest GCC, and that has
motivated you to learn how to do that on Debian, but I feel sure
that that is not where the average Debian user is coming from.

As you've seen, the method is there for you to do what you have
decided you need to do. Or for the curious who want a learning
experience. But with Meltdown dealt with by KPTI (already in the
stable release) and the obvious javascript issues worked around by
the browsers, you have to weigh up the risk of pushing hasty fixes
into a stable kernel (and GCC) release.

I don't think the sky has fallen just yet but if you do want to see
the sky fall, push out a buggy Debian stable kernel package. Debian
already has a place to test the latest and greatest (and most
broken) versions of packages and it is not the stable release that
new users are directed at.


https://bitfolk.com/ -- No-nonsense VPS hosting

Reply via email to