On Friday, February 28, 2003, at 10:38 AM, Steve Bremer wrote:
Hi Jennifer, RHN is quite a nice tool. Because of it's design, it really is quite secure. By default, the connection is encrypted and it verifies the signatures on packages that it downloads. Also, because the RHN daemon checks in with RHN rather than listening on a port, there isn't a new service on your box that someone could try to connect to and exploit. However, for a security critical hosts (and maybe others), I would recommend against having your machine automatically apply updates. My personal preference is to review updates rather than having them automatically applied to my machines. This also gives me the chance to test the update first on a non-critical machine.
But that *is* the nice part about up2date, right? You can configure it to either automatically apply the updates or to just download them for your review and (possibly) manual installation.
--Jo
