On mandag 19 september 2005, 00:18, Hans Ekbrand wrote: > > You must > > expect issues like these, it is a feature... :-) > > Not getting security updates automatically installed a feature? Not > in my world!
Well, imagine the security.debian.org box getting compromised, and the attacker pumping out a trojanned "security" upgrade. You install it automatically before the Debian folks take the box out. The attacker has your IP too... That's a serious single point of failure for the entire community, you know... I prefer to read and understand the DSA, and check that the DSA is signed with a key I trust (I'm just a hop from joey) before I do a manual apt-get upgrade on affected machines. But YMMV, that's just me. Cheers, Kjetil -- Kjetil Kjernsmo Programmer / Astrophysicist / Ski-orienteer / Orienteer / Mountaineer [EMAIL PROTECTED] Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
