[RndTbl] Ubuntu mirror security

John Lange john at johnlange.ca
Mon May 9 15:42:22 CDT 2011


As with all things in the field of security, it's about striking a balance.

It's good (and surprising actually) that you have a system admin smart
enough to ask those questions. Those are always good things to
consider before doing an implementation.

However, if the end result is that you're denied the ability to install
patches, then to me that does not strike a very good balance. The
patching process for any of the mainstream distros has plenty of
safeguards in place but, like anything, it's not infallible. Of course
that's not unique to open source. Any operating system is vulnerable.

To my way of thinking the risk of compromise through patching is far
less than the risk of compromise by _not_ patching.

I don't know Ubuntu all that well but I'm certain that the default is
to fail if the signatures on the files are wrong so automated patching
should not be a security issue.

-- 
John Lange
www.johnlange.ca
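
Added example, not part of the original message: a small audit an admin could run before enabling automated patching from a mirror, reporting APT settings that switch off signature enforcement. The function names, the sample tree and the `mirror.example` host are constructed for illustration; the options checked (`APT::Get::AllowUnauthenticated`, `Acquire::AllowInsecureRepositories`, and `trusted=yes` / `allow-insecure=yes` in source lines) are real APT settings, though not an exhaustive list.

```shell
#!/bin/sh
# Added example: flag APT settings that turn off signature enforcement.
# Only flat "Option value;" lines are matched; nested apt.conf blocks are not parsed.

audit_apt_trust() {
    root="${1:-/etc/apt}"   # directory to audit
    findings=0
    conf_re='^[[:space:]]*(APT::Get::AllowUnauthenticated|Acquire::AllowInsecureRepositories)[[:space:]]+"?(true|yes|1)"?'
    src_re='^[[:space:]]*deb(-src)?[[:space:]]+\[[^]]*(trusted|allow-insecure)=yes'

    # apt.conf and drop-ins: options that accept unsigned packages or repositories
    for f in "$root/apt.conf" "$root"/apt.conf.d/*; do
        [ -f "$f" ] || continue
        if grep -Eiq "$conf_re" "$f"; then
            echo "WEAK $f: unauthenticated packages or repositories allowed"
            findings=$((findings + 1))
        fi
    done
    # source lists: per-repository overrides of the signature check
    for f in "$root/sources.list" "$root"/sources.list.d/*.list; do
        [ -f "$f" ] || continue
        if grep -Eq "$src_re" "$f"; then
            echo "WEAK $f: repository trusted without a signature check"
            findings=$((findings + 1))
        fi
    done
    if [ "$findings" -eq 0 ]; then
        echo "OK $root: no signature overrides found"
    fi
    return "$findings"      # exit status = number of files with an override
}

# Constructed sample tree: one weak apt.conf.d entry and one clean sources.list.
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/apt.conf.d" "$d/sources.list.d"
    printf 'APT::Get::AllowUnauthenticated "true";\n' > "$d/apt.conf.d/99local"
    printf 'deb http://mirror.example/ubuntu stable main\n' > "$d/sources.list"
    echo "$d"
}

sample=$(make_sample)
audit_apt_trust "$sample" || echo "files with overrides: $?"
rm -rf "$sample"
```
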

