[Bug 1836328] Re: unattended-upgrades should not be enabled by default

Vlad K. 1836328 at bugs.launchpad.net
Fri Jul 12 09:53:58 UTC 2019 

Unfortunately you can't fix individual packages, and you're a bit wrong
about Firefox. Yes it keeps running, but does not open new tabs/sub-
processes until it's restarted, so effectively it's in a crippled state,
which depending on your what you're working with through it, maybe
constitute a Denial of Service.

The simplest solution is not to change underlying software without user
intervention, by default.

An information system that modified its own code, unexpectedly without
user intervention (which happens here as the user is not warned there's
an update and asked if they want to proceed), is effectively a
compromised system and that behavior is closed to malware.

Please reconsider removing unattended-upgrades operating by default.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1836328

Title:
  unattended-upgrades should not be enabled by default

Status in unattended-upgrades package in Ubuntu:
  Won't Fix
Status in unattended-upgrades package in Debian:
  Unknown

Bug description:
  The unattended-upgrades package and the whole concept of upgrading
  software automatically behind user's back is HARMFUL and the
  service/timer should NOT be enabled by default.

  It harms experience even for novice users with applications like
  Firefox preventing opening links until you restart it (which is
  terribad if you're in the middle of some work and don't want to do
  that at THAT particular moment!), and some other applications crashing
  in some cases, especially applications that run sub-processes
  interactively or on timers/cronjobs -- where updates to their libs or
  other dependencies create error states due to version/API/ABI
  mismatches.

  Please do not enable the service/timer by default and leave it to
  advanced users to enable assuming they understand the consequences.

  The same problem plagues snaps but that's a different bug report I
  suppose.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1836328/+subscriptions

More information about the foundations-bugs mailing list