LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Forcing updates works

Forcing updates works

Posted Feb 12, 2009 14:55 UTC (Thu) by mattdm (subscriber, #18)
Parent article: Forcing updates

We've been doing this with BU Linux for about seven years. In that time (minus one exceptional situation, which wasn't that severe), the only Linux systems broken into were those a) running a different distribution or b) who had disabled the automatic updates. We had a couple of incidents where QA failures caused issues, but the number and severity of those occurrences pales compared to cases a) and b) (where system compromise appears to be almost inevitable).

Admittedly, this is with a installed base of 1200 systems or so rather than millions, but it's also in a very hostile security environment. I think it makes a good case study.

(Log in to post comments)

Forcing updates works

Posted Feb 14, 2009 4:35 UTC (Sat) by i3839 (guest, #31386) [Link]

It seems simple en safe enough if you replace the existing software with exactly the same version, but with that bug fixed. Most possible problems seem to come from the urge to update the software at the same time as fixing a security problem, which is oh so very tempting...

Forcing updates works

Posted Feb 20, 2009 4:45 UTC (Fri) by Drone (guest, #56757) [Link]

> I think it makes a good case study.
The only problem is that your case study does not accounts any potential losses which may occur if system update interrupts me and my job or whatever else. And if someone willing to obtain even more backslash than Vista and MS from users for harming their privacy and freedom of choice, annoyance, etc - that's right way to go.

From another side there is nothing wrong if updates are automatically installed by default so non-aware users are updated. But there should be override and choice anyway so I can regain my power to make decisions. Or it will be considered as atempt to FORCE me to do something against my wishes. This is unacceptable and called "slavery" btw. It's my computer for me. Not I am for my computer...

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds