On Thu, 29 Jul 2004 09:46:28 -0500, gregwm <tclug at greatlakedata.com> wrote: > hi, > > what about security updates? with redhat/whitebox i can have a comfy > feeling that a daily cron job keeps my system secure with no surprise > changes in functionality. Usually, but not always... > can gentoo claim that? <rearrange> > and with gentoo, the sources would need to be signed.. or does gentoo > have packages now? did i hear something about precompiled stuff being > available? Gentoo's Portage system uses md5 checksums to check the integrity of the packages you download. It could still be compromised, but it would have to go through the developers who test and approve the ebuild addition to the portage tree. With regard to packages, you can download a "packages" CD, which contains precompiled packages for your architecture, as of whatever date the disk was last rebuilt. This will speed up initial installation greatly. You can then use a central package repository. When a package requires updating, (say a security fix for openssh) you download the source, recompile it, specify --buildpkg to build a new package, and add that to your central repository. Then your systems (on a cron job, if you like) would issue the commands 'emerge sync && emerge -u --usepkgonly world', which would update any new packages you've placed in that central repository. Sounds worse than it is, I think. > and what about debian testing? > and those RPMs are cryptographically signed. are the DEBs? I can't speak to this... _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list