ubunyu 9.0 updates
David Curtis
dcurtis at uniserve.com
Sat Jun 20 02:22:34 UTC 2009
On Fri, 19 Jun 2009 16:39:12 -0400
"H.S." <hs.samix at gmail.com> wrote:
> David Curtis wrote:
> > I disagree with the virus issue the others pointed out, as successful
> > dns poisoning or other sophisticated attacks (on official repos) would
> > necessarily be a cryptographic attack. I would doubt this would be
> > noticed even by an expert doing a manual update/upgrade. This is because
> > apt rejects packages with bad crypto if you ended up updating/upgrading
> > from a bad/compromised archive. If an attack like this was successful
> > (highly doubtful) whether we're automatically updating or manually
> > updating, let's just say we're all screwed. :(
> >
> > I do agree that if your using unofficial repos that, yes, you definitely want to keep an eye > > on them and investigate and approve them one by one. But that can be configured within the
> > apt upgrade system.
> >
> > The biggest problem with automating updates/upgrades is that you tell apt to assume 'yes' for > > all questions it may ask. Once in a blue moon an upgrade will replace a configuration file.
> > If you've manually edited a configuration file and apt assumes 'yes' and replaces it with the > > new default configuration file, things can break. Say, for example, we're talking about grub > > and a /boot/grub/menu.lst. If you've manually edited to include paramaters on the boot line
> > and the file is automatically overwritten, conceivably, you could end up with a non-bootable > > system.
> >
>
> Completely agree with the above three points of yours. The last one is
> actually the most insightful and perhaps the most important.
>
> BTW, is something the matter with line breaks in the application you are
> using to post here? Each of your paras is one long line in my reader :(
>
> Regards.
You got me there. I'm using plain old sylpheed (2.6.0). In using sylpheed, I treat it like a word processor, don't hit enter until I end a paragraph. Just googled 'sylpheed line breaks' and does seem to be some missives on line breaks and auto-wrap, bugs and so forth, I will investigate. If anyone else sees this, I can change over to claws (or something else) fairly easily.
Doing a bit more research into Unattended-upgrades, I must admit I just can't find documentation for apt besides the basic Ubuntu and Debian howtos. If anyone can point me to good apt docs in regards to /etc/apt/apt.conf.d and it's requisite files, I'm all ears.
--
David Curtis <dcurtis at uniserve.com>
More information about the ubuntu-users
mailing list