On Thursday 24 April 2003 16:51, Dave Smith wrote:
Maybe. But it introduces the extra possibility of having a trojaned binary installed on a system which didn't actually have any known exploits.
I'd rather install updates myself when I know they are required, rather than have the system install it itself.
And you think this protects you against trojans? Assuming someone does break the SuSE gpg key, or there's a rogue employee at SuSE who puts in trojans in the packages, I can guarantee you that people will install the packages blindly, whether the update is automatic or not. Remember that the person who discovered the trojan in ssh only did so because the package wasn't signed correctly.
Of course, you also have the potential for breaking a working system. SuSE are pretty good at producing working stuff, but nobody's perfect, and occasionally packages will come out which break something. Having things stop working for no apparent reason would be particularly frustrating...
This is very true, but that's not the real idea behind an automatic update. If you're the admin of a server farm you have hopefully a test machine with the same configuration as the real servers. You would test the update on the test machine, and then set the servers to update automatically *from your own local update server*.
Possibly, or it might be due to the fact that I'm trying to connect over a 28.8k modem. Occasionally (1 time out of 10), I manage to get to the list of mirrors, but never get any further.
You are aware that you don't have to download the mirror list every time? Once you find a fast mirror, you can hardcode the address in YOU