On Sat, Jan 20, 2001 at 11:38:54PM -0500, Tim McKenzie wrote:
>
> you could just mirror all the sites to one base site...
Huh? I must be misunderstanding. All I want is a tool on a given
machine that looks at a list of updates on a server somewhere and
updates the given machine to the latest packages. What do I have to
be mirroring all the sites to one base site for?
> Incidently, perl is
> secure if it's written well.
The program written is not my issue. It's perl itself. I may as well
just leave a compiler and all of the dev. libraries on the machine if
I am going to have perl on it.
> From a security standpoint there really is
> no 100% secure way to have a remote site update other computers.
I'm not talking about initiating remote updates. I am talking about
being able to script/batch update a computer.
> Even
> non-gui programs tend to make insecure temp files that can be used
> maliciously.
That's just bad programming.
> Best bet is to take whatever systems you want to upgrade off of
> their connection to the internet and keep them solely on a LAN. ::shrug::
Now you are being silly. :-) I am not looking for 100% guaranteed
safety. I never mentioned requiring that did I? All I wanted was a
batchable update tool that did not leave behind a huge toolbox for
crackers.
> just my few cents worth
It is appreciated. Hopefully things are a bit clearer now.
b.
--
Brian J. Murrell
