Hello, I'm using the Fedora distro for my desktop since a while. But now I want to setup a web server. For me it doesn’t make much sense to setup Fedora as a productive server system because this would need too much attention for all the updates (that’s a point I really love for the desktop!). Another thing that is very cool (or the main reason why I’ve chosen Fedora as my primary system) is it’s great focus on security (let’s think of the implementation of SELinux). Now my question is: How is the Debian security compared to the security of Fedora? They don’t have SELinux, ok.
The reason why I want to use Debian is, because a RHEL subscription is too expensive for a home server and the CentOS project… Well sometimes (not in general) they are a bit slow in providing security updates.
So is Debian as secure as Fedora? Thanks for all upcoming replies!
Max
---------------------------------------------------------------- Mit einer kostenlosen E-Mail-Adresse @t-online.de werden Ihre Daten verschlüsselt übertragen und in Deutschland gespeichert. www.t-online.de/email-kostenlos
On 31/10/14 12:43 PM, max.lulu.07@t-online.de wrote:
Hello, I'm using the Fedora distro for my desktop since a while. But now I want to setup a web server. For me it doesn’t make much sense to setup Fedora as a productive server system because this would need too much attention for all the updates (that’s a point I really love for the desktop!). Another thing that is very cool (or the main reason why I’ve chosen Fedora as my primary system) is it’s great focus on security (let’s think of the implementation of SELinux). Now my question is: How is the Debian security compared to the security of Fedora? They don’t have SELinux, ok.
I use Fedora in production for web servers, yum update is automated, TBH I can't remember the last time a Fedora update actually broke something I noticed (been using Fedora in production for 5+ years now).
The reason why I want to use Debian is, because a RHEL subscription is too expensive for a home server and the CentOS project… Well sometimes (not in general) they are a bit slow in providing security updates.
I'd like to see your numbers on this. CentOS tracks RHEL pretty quickly, Debian is pretty good but not somehow magically better/faster all the time on security updates.
So is Debian as secure as Fedora?
It's like comparing Gala apples to Fuji apples. Yes. No. Maybe. It depends. It also depends on how you define "as secure". You need to ask a better question.
Thanks for all upcoming replies!
Max
On 10/31/2014 08:10 PM, Kurt Seifried wrote:
I'd like to see your numbers on this. CentOS tracks RHEL pretty quickly, Debian is pretty good but not somehow magically better/faster all the time on security updates.
Debian can be faster for three reasons: lack of QA, ability to do embargoed builds (unlike Fedora and CentOS), and direct package pushes to the centrally hosted security.debian.org repositories.
Debian can push emergency fixes in roughly twice the build time plus ~15 minutes (for repository push and mailing list notification). After that, the packages are ready for installation, world-wide, independent of the local mirrors used. Embargoed builds (for non-emergencies) hide the build time.
For Fedora, updates become available on mirrors as they sync with the master repositories, so there is a longer delay than 15 minutes. There is also a tool-supported QA process which can add delays as well (but this may be a good thing in some cases).
However, this delays are less relevant than the decisions (explicit or otherwise) which security updates to provide. In Fedora, it is pretty much up to the package maintainer (who will receive gentle prodding in case people care), rebases to new upstream version are generally accepted, and security bugs of any severity can be fixed. For Debian stable, the security team triages bugs based on their severity, and only a subset is fixed through a formal security update (minor issues can be corrected through regular bug-fix updates), and there is a general requirement to do backporting (which is more work for everyone involved).
In short, you'll see fixes for slightly differing sets of bugs, and which set is better, is difficult to tell without knowing your specific use case.
On 10/31/2014 02:43 PM, max.lulu.07@t-online.de wrote:
Hello, I'm using the Fedora distro for my desktop since a while. But now I want to setup a web server. For me it doesn’t make much sense to setup Fedora as a productive server system because this would need too much attention for all the updates (that’s a point I really love for the desktop!). Another thing that is very cool (or the main reason why I’ve chosen Fedora as my primary system) is it’s great focus on security (let’s think of the implementation of SELinux). Now my question is: How is the Debian security compared to the security of Fedora? They don’t have SELinux, ok.
The reason why I want to use Debian is, because a RHEL subscription is too expensive for a home server and the CentOS project… Well sometimes (not in general) they are a bit slow in providing security updates.
So is Debian as secure as Fedora? Thanks for all upcoming replies!
1. CentOS
2. Secure Containers: http://sandbox.libvirt.org/networking/ http://danwalsh.livejournal.com/59144.html http://sandbox.libvirt.org/quickstart/
Max
Mit einer kostenlosen E-Mail-Adresse @t-online.de werden Ihre Daten verschlüsselt übertragen und in Deutschland gespeichert. www.t-online.de/email-kostenlos
-- security mailing list security@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/security
security@lists.fedoraproject.org