Re: PHP Support in Debian

On 20.10.18 at 03:50, Chris Knadle wrote:
> Jonas Meurer:
>> * Adding backports to my sources.list doesn't automatically pull any
>>   packages from there. I have to choose particular packages in a manual
>>   process in order to install them from backports. That's different for
>>   repositories like sury.org that provide packages under the release
>>   target (e.g. 'stretch').
>>   If I add deb.sury.org to my sources.list, then installed packages with
>>   newer versions in this repo are automatically upgraded. This makes it
>>   much easier to abuse the repo, e.g. in order to spread malware. In
>>   other words, the attack vector is way larger.
> There's an available middle-ground, which is to add an additional repository to
> the sources.list file and add an apt Pin-Priority in /etc/apt/preferences.d/ for
> that repository (of say priority 150) such that any installed packages from the
> additional repository get updated, but any not-already-installed packages from
> the additional repository aren't automatically used for upgrades.
> See 'man apt_preferences' for details.

Yep, you're right. I was talking about the default experience for users
who don't know about advanced tricks.
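
Added example, not part of the original thread: a simplified Python model of the selection rules in apt_preferences(5), comparing an unpinned third-party repository (default priority 500) with the priority-150 pin described above. The repository names "debian" and "extra", the package names and the integer-tuple versions are constructed for illustration, and the origin host in the commented stanza is a placeholder.

```python
# Simplified model of the selection rules in apt_preferences(5): skip
# downgrades unless the pin is >= 1000, then prefer the highest priority,
# then the newest version. The pin from the thread would be a stanza like
#   Package: *
#   Pin: origin <third-party-host>     (placeholder, see `apt-cache policy`)
#   Pin-Priority: 150
INSTALLED = 100   # priority apt gives the currently installed version
DEFAULT = 500     # priority of any repository without a pin

# Constructed sample data: versions are integer tuples, not Debian versions.
# name -> (installed version or None, [(version, repo), ...])
PACKAGES = {
    "libfoo":  ((1, 0), [((1, 0), "debian"), ((1, 1), "extra")]),
    "php-bar": ((7, 2), [((7, 0), "debian"), ((7, 3), "extra")]),
    "newpkg":  (None,   [((2, 0), "debian"), ((2, 5), "extra")]),
}


def candidate(installed, available, priorities):
    """Return the version apt would select under the given repo priorities."""
    ranked = []
    if installed is not None:
        ranked.append((INSTALLED, installed))
    for version, repo in available:
        prio = priorities.get(repo, DEFAULT)
        if installed is not None and version < installed and prio < 1000:
            continue  # never downgrade below priority 1000
        ranked.append((prio, version))
    return max(ranked)[1]  # highest priority first, newest version on a tie


def plan(priorities):
    """Map each sample package to the version selected for it."""
    return {name: candidate(inst, avail, priorities)
            for name, (inst, avail) in PACKAGES.items()}


if __name__ == "__main__":
    print("unpinned:", plan({}))
    print("pinned  :", plan({"extra": 150}))
```

Unpinned, the third-party version wins for all three packages, including libfoo, which was installed from Debian. With the pin, only php-bar, which was already installed from the third-party repository, moves to its newer version.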


