| 1 |
Machell, Jonathan wrote: |
| 2 |
> Hello there, |
| 3 |
> |
| 4 |
> We're currently trialling Gentoo to possibly host some of our web-servers. I've used Gentoo for over eight years so I'm leading these trials. |
| 5 |
> |
| 6 |
> I've subscribed to this mailing list but also gentoo-server and gentoo-security. I'm trying to keep up to speed with all the latest security news affecting Gentoo, GNU/Linux, Apache and MySQL. Should subscription to these mailing lists be sufficient for this or is there any other place where I should be looking to keep on top of security issues? I'm aware that this and the other two mailing lists are low traffic but I haven't heard a peep since subscribing on Tuesday. Is that normal? I was hoping to go through the archives of previous messages at some point. Are these kept somewhere? |
| 7 |
|
| 8 |
I'm late to the party on this, but I also subscribe to the mailing lists |
| 9 |
of all public-facing software on our servers. For example, Postfix, |
| 10 |
Dovecot, SpamAssassin, Apache, PHP, ClamAV... Many security issues get |
| 11 |
reported to those lists before they're officially dubbed security issues. |
| 12 |
|
| 13 |
"Public-facing" is of course a meaningless term. Do you include |
| 14 |
iptables? How about glibc? GCC itself? You'll have to use your judgment |
| 15 |
and/or eliminate the lists that are boring to listen to. If you flood |
| 16 |
your inbox with noise, you'll stop paying attention and lose the |
| 17 |
benefits altogether. |
Archives