On a practical note...
I don't upgrade software unless I need the features described.
And I view 1.0 of anything with great suspicion.


Mark Browne

How can you spot the pioneers in any endeavor?
Yep, their the ones with the arrows sticking out of their backs!

----- Original Message -----
From: <scott.w.fischer at att.net>
To: <linux at badplace.net>; <tclug-list at mn-linux.org>
Sent: Friday, October 19, 2001 11:28 AM
Subject: [TCLUG] Frequency of Kernel releases



I don't know if I'm paying more attention now or what, but it seems that the
frequency of kernel releases is increasing dramatically.  And now with
today's advice of upgrading to 2.4.12 to close the ptrace vulnerability, my
aversion to installing bleeding edge software raises it's head.

It seems to me that this frequency is causing (or at least has the potential
to cause) more screw ups.  See the lifetime of 2.4.11 for an obvious example
and the immediate release of the dangling symlink patch to 2.4.12 as another
apropos example.

So how do I decide what to do?  I want to keep my systems as secure as
possible, but I also want to make sure I'm not causing greater usability
issues by putting out something that's not ready for prime time.  I see very
little explanation or industry advice on the seriousness of vulnerabilities,
only a recommendation to upgrade as soon as possible.  So I ask myself,
"What if I choose to NOT upgrade?  What risk am I taking?"

In the post-Sept 11 age, it seems that security analysts/advisors, software
developers and even distribution maintainers (how many of you upgrade your
kernels in some sort of automated fashion - apt-get, mandrakeUpdate,
red-carpet, etc?) are playing on fear to get their stuff implemented.  I'm
getting frustrated that the activity driving the 2.4.x (STABLE) kernel
doesn't feel like its under control as in the 2.2.x (STABLE) kernel.  At
this point I'm considering downgrading to 2.2.19 and applying patches, just
so I can get control of what's happening on my systems again.

-swf

--
"Don't pray when it rains if you don't pray when the sunshines."   - Satchel
Paige
_______________________________________________
Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org
tclug-list at mn-linux.org
https://mailman.mn-linux.org/mailman/listinfo/tclug-list