🐧 Which is More Secure for a Server: Rolling Release Distros or Fixed Release Distros?
Nachrichtenbereich: 🐧 Linux Tipps
🔗 Quelle: reddit.com
Fixed release distros seem to be the most common choice for servers as they are somewhat more stable and require less maintenance. I recently read madaidan's article about security in Linux, and they recommend against fixed release distros as "they are often quite behind on security updates". This made me want to get more opinions on this from people here, and also in general reconsider whether a fixed release distro is best for a server in terms of security. I personally do not mind extra maintenance on a server if it means better security, especially if it's mostly just constant updates and momentary or very short downtimes.
If rolling release is the answer, then which rolling release distro would you recommend most for an ARM server?
EDIT:
madaidan's argument against fixed release distros is as follows: "[Fixed Release Distros] only ever backport security fixes that receive a CVE. However, this misses the majority of them. Most fixes do not receive CVEs because either the developer doesn’t care or because it’s not obvious whether or not a bug is exploitable at first.
Debian maintainers cannot analyze every single commit perfectly and backport every security fix. They have to rely on CVEs which people do not use properly."
[link] [comments] ...
🐧 Stable rolling release distros using flatpak
📈 26.38 Punkte
🐧 Linux Tipps
🐧 Rolling release distribution for Server
📈 19.57 Punkte
🐧 Linux Tipps