On Tue, Oct 4, 2016 at 5:43 PM, Sam Varshavchik <mrsam(a)courier-mta.com>
Strictly speaking Fedora doesn't make you do the first one, but
> *well* understood for a long time how fragile this is which is why
> offline updates was created.
Well, this is a surprise to me. I guess my faith in dnf was misplaced.
Here also. The DNF team has done an excellent job in obfuscating the
horror IMO because (knock on wood) I've always been very impressed
with the features and functionality. Seems a shame that all those nice
bells and whistles will now be hidden behind some gui or pkcon.
I've been scrambling reading threads trying to understand what exactly is
the exposure here. The only thing I could find that quantified the risk
was in this kde thread:
*"...Updating online works 99.8% of the time. The 0.1%
time it will corrupt random bits of your file-system, and 0.1% of the
time it will leave you vulnerable to the security issue you thought
you just "fixed". The only way to fix this so that online updates are
safe is to redesign the centralised shared package model we use for
distributing applications. The workaround is to use offline updates..."*