vulnerability of Linux

Mike McCarty mike.mccarty at
Tue Nov 29 01:00:58 UTC 2005

Les Mikesell wrote:
> On Mon, 2005-11-28 at 18:31, Mike McCarty wrote:
>>>Why is it safer to update 10 packages once a month than 0.33 packages
>>>every day?
>>Because packages sometimes get retracted. I like to let them
>>soak for a while before installation. And I don't install 10
>>a month. Usually, only two or three get updated. Also, when
>>I update, I *look* at what is being updated, and I don't always
>>accept everything there.
> Can you give some examples of where you have known better
> by "looking" at the updates than the developers who wrote
> them about whether you are safer without them?

I declined xine a couple of times at least, because it wanted
to pull a bunch of stuff I didn't have installed. I have declined
Thunderbird several times. I have declined Mozilla a couple of
times. I have declined OpenOffice at least twice. I have declined
up2date every time. I'm glad to say that it is no longer on the
list of things which get updated for me. I have declined
selinux a few times. I have declined ssh once, I think.

I use yum, not up2date.

This message made from 100% recycled bits.
You have found the bank of Larn.
I can explain it for you, but I can't understand it for you.
I speak only for myself, and I am unanimous in that!

More information about the users mailing list