On Wed, 4 Feb 2009 09:56:48 +0100 Andreas Jaeger <[email protected]> wrote:
> On Wednesday 04 February 2009 08:41:50 Dan Kegel wrote: > > Security updates in current linux distros are > > optional, right? i.e. in Ubuntu 8.10, it > > *offers* updates to you every time you > > log in. And (though I should know better), > > I often ignore that message, so my systems > > are days out of date. > > > > Given how much malware is out there, > > shouldn't security fixes for remotely exploitable > > flaws be installed a bit more forcefully? > > e.g. instead of an ignorable notification, > > how about an in-your-face dialog saying > > they're going to be installed now? > > Or in some cases even just silently installing them? > > > > This goes not just for distros; any ISVs is on > > the hook for rapid security updates these days, > > I would think. > > > > This isn't an idle question... the ISV I work > > for is pondering how to package its app > > and how to push out security updates to all customers > > promptly. > > I can't recall any standard mechanisms to make this > > happen other than, um, having the package install > > a daily crontab script to update itself via the appropriate > > "apt-get install foo" or "yum install foo" command. > > > > (That sounds awful forceful, but I think lots of shops > > do this kind of update of the whole system, so perhaps > > an ISV doing it for just their one app wouldn't be too > > controversial. Ha.) > > There are cases where it will not work - e.g. updating the kernel. You need > to reboot for that ;) Not necessarily, see ksplice. _______________________________________________ Desktop_architects mailing list [email protected] https://lists.linux-foundation.org/mailman/listinfo/desktop_architects
