[Typo3-debian] Some questions about unstable install
Steffen Mueller
steffen at davis.kommwiss.fu-berlin.de
Fri Nov 21 20:01:49 CET 2003
Michael Stucki schrieb:
> Steffen Mueller wrote:
>
>
>>be careful!
>>- add source to /etc/apt/sources.list
>>- apt-get update
>>- apt-get install <package-name[s]>
>>is the better choice, since apt-get upgrade could upgrade packages you
>>do not want to upgrade.
>
>
> I always use the '-u' switch to see what will be upgraded:
> # apt-get -u upgrade
>
whaaa. that one is new to me!
my favorite is
# apt-get -s upgrade
as this one shows me exactly what will be done.
>
>>[OT]
>>at the moment i wouldn't install _any_ packages from official debian
>>server or mirror, since some of them could have been compromised.
>>http://cert.uni-stuttgart.de/files/fw/debian-security-20031121.txt
>
> (...)
>
> Anyway. As far as I remember, this behaviour was only seen at big
> commercials such like Microsoft. I am sure that the Debian guys would have
> fixed the hole if they knew about!
could be a human fault, too. (bad passwords, ...)
>
> <conspiracy theory>
> So I only see two options:
> - someone who is mentionally disturbed
> - a (commercial?) competitor
> </conspiracy theroy>
>
> What do you think?
>
security is good, but never good enough. this could happen to everyone.
there's no unbreakable system existing at all.
defacing debian is like stealing donations in church. debian people
(contributors and users) spend time and money in development without
making $-benefit.
i don't care about who did this and why. it's just not fair.
but maybe we all benefit from it and packages are going to be signed
with pgp or similar.
--
cheers,
Steffen
More information about the TYPO3-debian
mailing list