Hello,
How do you Debian guys feel about this situation ... it makes me cringe a
little, but it should be fine theoretically:
A Knoppix HD install installs some bastard combination of Debian testing and
unstable with a few of its own packages. This is clearly not ideal for
installing a server (really fast moving target ... lots of updating, not
guaranteed to get security updates for packages). So let's say that I will just
be installing a machine that will be a web server with PHP and MySQL with SSH
running. With no local users (other than the admin). No X either. So the only
services I have listening are ssh and apache (PHP and MySQL via apache).
Would you consider it safe to pin these packages and their dependencies back to
stable and only put security.debian.org (stable) in sources.list? Then the only
packages that would ever get changed would be these guys. I would also keep
track of the kernel since that too may be remotely vulnerable.
Austin
PS - I have tried downgrading to stable ... nightmare ...