Henrik Krohns wrote: >> Second, upgrading is easier (yum update) if the packager did his/her >> job well. And since most packagers know the software much better than >> I do (which is the case for 99,9% of all programs), they will prevent >> me from doing anything bad.
> Thats a bit of a stretch. You need to know the software to do your job > properly. I could never trust packagers decisions on essential packages, > there might be configs or compile options I do not want. Thats why I have test systems, where a config is being validated. If you are unsure, just take a look at the spec file. This is still faster than becoming a packaging expert for every software you are using... >> I don't have to monitor all the lists to be notified when a security hole >> appears, I just do regular "yum update"s. > I think I would not hire anyone for security position, who didn't want to > know about current security issues.. Although (from a formal point of view) your statement can be seen as totally unrelated to my text cited above, I want to put something straigt: I am interested in security! But I don't think anyone can read ALL the relevant mailing lists for all packages installed (more than 350 on an average server of mine, resulting in 100-150 mailing lists(?)). Thats why I am monitoring just 3-4 "critical" lists and the general security mailing list of the distributions I am using. Maybe my first statement was a bit unclear in this respect... :-) But this is getting very ot, so end of thread for me. -- Felix ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
