On 04-Jul-2015 4:22 pm, "Ludovic Courtès" <[email protected]> wrote:
> A related concern is the time it takes to actually deploy the fixed > binaries on your machine. This is discussed at: > > http://www.gnu.org/software/guix/manual/html_node/Security-Updates.html Ok, this is great. Gives sysadmins a chance to affect packages users have installed rather than having to help or force them to upgrade. Still, if an installed package is not depending on the latest version of the vulnerable package, the graft won't reach them. So there is still some education and continuous information necessary if you want to be on top of things. Still, as was mentioned elsewhere in the conversation, if the alternative is home-rolled software in every home directory, which is probably the case, then guix is superior in several ways.
