I've had servers on the Internet since 1995 and they are getting beaten constantly. Some script kiddie will hit us eventually, post it on a list and then the gusanos are all over the place.
I am not complaining about Dapper LTS nor Feisty. Feisty is doing well for us. I am saying that life on the 'net is forever changing and attachment to stability is a cause of suffering. Stability in illusory. Let me suggest a chain of sets using PHP as an example. 1) start with the universe of bugs and vulnerabilities 2) unless you have extraordinary resources, the known bugs are (for the most part) represented by CVE+MOPB 3) PHP maintainers go after a subset leaving CVE+MOPB-PHP hanging in the wind 4) Debian will merge some of the patches into previous versions but some will not make it. 5) Ubuntu will take some of the patches from upstream but some will clash with local (Ubuntu) fixes (Almost make sense of remarks by a former US Secretary of War.) Of necessity, LTS implies an ever increasing subset of CVE+MOPB. In other words, LTS implies an ever growing set of known bugs and vulnerabilities. In the end, it is a matter of faith and trust and I place mine in "current" rather than LTS. Jim Tarvid On 7/26/07, Ante Karamatic' <[EMAIL PROTECTED]> wrote: > Jim Tarvid wrote: > > > If everything is backported as it evolves, it is more like a perpetual beta > > instead of long term support. > > > I moved two servers from Edgy back to Dapper LTS based on the "promise" of > > LTS. What I got was security patches backported to an intermediate version > > of PHP. That makes sense as some sort of compromise of syntax and security. > > As with all compromises, the result was not totally pleasing to either > > point of view. > > > PHP and MySQL are my "bread and butter" and we have an organizational > > commitment to run the latest versions of both if at all possible. I > > acknowledge this is a thinly veiled manifestation of "bleeding edge > > disease". Most of our servers are now running Feisty and all will > > migrate to > > Gutsy. If I had non Internet facing servers Dapper LTS would make some > > sense. > > You have some contradictions. You correctly say that if everything would > be backported, we would get beta, not LTS. For an example, that would be > Fedora - always gets newer versions of packages - always beta. On the > other hand RHEL does the same thing as Ubuntu LTS - RHEL 4. still has > 2.6.9 kernel; yes, a mighty one, but still 2.6.9. > > Then you say you wouldn't put LTS on Internet, but I guess you do that > with Feisty, right? > > Perfect deployment goes something like this - developers create > php/mysql appplication; system admins choose platform for it based on > requirements of application. During lifetime of that application neither > the devs and neither the sysadmins want/dream about version change of > any component of the system. This is why you need 5 year support. In > stable environment there's no room for new features, new drivers, etc... > You want and get only security fixes. > > If you are developer, you should rethink 'bleeding edge' tactic. It's > suicidal if you can't get a stable platform for your application. I > understand that latest and newest looks good and has options old one > doesn't, but this is something that'll always happen and as soon as you > finish your app, it wouldn't look good cause there was newer PHP version > with some features your application doesn't utilize. > > -- > ubuntu-server mailing list > ubuntu-server@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/ubuntu-server > -- ubuntu-server mailing list ubuntu-server@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
