SpiderApr 5, 2017

2 years ago I made a study on Linux distributions and default security wrt. automatic updates.

I should redo that and follow up.

I know for a fact that:
Debian will fail, cause they still haven't had an release.
CentOS will fail, same reason.
OpenSuSE will fail
Fedora Desktop gets a maybe
Fedora Server: Unknown
Fedora Cloud: Unknown
Ubuntu might succeed

Maybe I shouldn't bother.

Show threadAndo
@Spider i use debian stretch ; don't fix your eyes on official release ;)
Apr 5, 2017 at 8:04amWeb
Show threadJ.Apr 5, 2017
@Spider @ando Also, be careful with automatic updates. I had it running on a remote Debian box once, and an sshd update broke it and left me locked out.
Show threadSpiderApr 5, 2017

@yair @ando The risk with Automatic updates is _far_ lower than the risk of installing systems and not doing updates.

Admins that complain can always disable it. It is reckless to ship systems without automatic security updates by default.

Show threadSpiderApr 5, 2017

@ando There is no such thing as debian stretch.
Can't be installed == Doesn't exist.

https://mastodon.social/media/CpmdnuxeQLcqD6viH0U

Show threadSpiderApr 5, 2017
@ando Since there's no official install media, by the time you've got Stretch on a machine, it's no longer a default installation of anything.
Show threadAndoApr 6, 2017
@Spider U rigtht it's no longer a default install. Truly official package or not, on a distro u have to follow specifics paquets u need. So I stopped auto-update, backing up automatically my configs, use the latest version of what I need by following the packet from its source. Of course u may need to debug sometimes but be sure ssh is totally ok.
Show threadAndoAug 25, 2020
@Spider Hey from the Madagascar rural place :) Am on Buster now. Am testing also a tiny cloud for a rural platform project. I'll inform Mastodon once it's online October.