[Techtalk] Using Debian Testing (Sarge) on production servers
Carla Schroder
carla at bratgrrl.com
Mon Mar 8 22:06:25 EST 2004
On Saturday 06 March 2004 9:45 pm, Rasjid Wilcox wrote:
> Re: [Techtalk] Using Debian Testing (Sarge) on production servers
> From: Rasjid Wilcox <rasjidw at openminddev.net>
> To: techtalk at linuxchix.org
>
> On Saturday 06 March 2004 12:42, Carla Schroder wrote:
> > There are two approaches that make sense to me:
> >
> > 1. Run a base Stable system, and add packages from Testing only as you
need
> > them. This minimizes your risk of being 'sploited.
> >
> > 2. Run a completely Testing system. It's a little less work, but you
better
> > have a really really good firewall! and don't forget egress filtering.
>
> Unfortunately this box will not be behind a firewall. It will effectively
be
> a public server. (I will of course have firewall rules in place on it.)
>
> The other option I have is to use some backported packages.
>
> Really, I think that it is only a newer version of php4 that I desperately
> need. http://apt-get.org has provided a few options.
>
> I realise that I'm then depending on the individual who did the backport to
> keep up with security issues, but at least that risk is minimised to just a
> single package.
Just running a newer php4 doesn't sound so dreadful. I would try running it on
a base Stable system, and paying close attention to iptables rules and system
logs. :)
--
~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
www.tuxcomputing.com
this message brought to you
by Libranet 2.8 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Techtalk
mailing list