On Fri, 18 Oct 2002 at 08:24:31AM -0400, R. Bradley Tilley wrote: > I don't understand the need for this. > > Can someone explain why 'apt-get update && apt-get dist-upgrade' is not > sufficient to keep a debian system secure and updated? As pointed out several times in the past Debian has not fully implemented package signing (the last I knew...someone throw a rock at me if I am wrong). So blindly updating and upgrading might be insecure if someone could spoof the Debian update server (upstream).
Regards, -- Phil PGP/GPG Key: http://www.zionlth.org/~plhofmei/ wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import XP Source Code: #include <win2k.h> #include <extra_pretty_things_with_bugs.h> #include <more_bugs.h> #include <require_system_activation.h> #include <phone_home_every_so_often.h> #include <remote_admin_abilities_for_MS.h> #include <more_restrictive_EULA.h> #include <sell_your_soul_to_MS_EULA.h> //os_ver="Windows 2000" os_ver="Windows XP"