On 03/01/2013 05:19 PM, Lisi Reisz wrote:
On Friday 01 March 2013 22:33:37 Dick Thomas wrote:
Debian is always out of date and even the "stable" is unsecure as
its backported fixes rather than updates
Sorry to answer piecemeal. Debian stable starts to go out of date as soon as
it is released, or even before, while it was still testing, but in freeze.
It has security updates throughout its life and for the first year of being
Old Stable. It is very secure. Nothing, and no distro, is totally secure,
but Debian Stable is as close as you are likely to get.
Many people therefore use Stable only for servers. Testing is more up to
date, and is as stable as many released versions of other distros. It does
not, however, get up to date security updates.
Many people in fact run Unstable on their desktops and just upgrade with
caution. I understand that it does get security upgrades, but although I
have installed it to look at it, I have never had the nerve to install it on
my workhorse machine.
Lisi
I don't know if Debian's the most SECURE distribution. It doesn't really
have a "hardened profile" or anything like what Gentoo offers. (Gentoo
isn't a prime example of a secure Linux system, I more point to the
concept of having a "hardened" base available, whihc Debian doesn't
really offer.) Debian's known for being incredibly STABLE and high
quality, and embraces FOSS standards pretty well.
But unless Debian is bundling an alternate base system built around
stuff like Tomoyo, GrSecurity, PaX, or SELinux and starts loading up
their packages with hardened patchsets I wouldn't boast about it being a
"security-focused" distro.
The backports are an excellent thing. And the Debian security team does
an excellent job. Lets just be realistic and a little more honest and
say Debian is "one of the most secure" but I can't call it "THE most
secure" unless the system can go hardened readily.
Cheers.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/51317176.1030...@marupa.net