You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
So this issue becomes: should we enable unattended-upgrades by default? That depends on how likely it is that a remotely exploitable issue with any real user impact will present itself in OpenSSH or strongSwan over the average lifetime of an Algo install (which seems relatively short for the most part).
Right now I lean on the side of not turning it on by default and keeping the existing behavior of only turning it on when the user selects "enhanced server security" during the installation process. I think the risk of a remotely exploitable flaw in either of those services are very low, especially when weighed against the reduced/hardened configurations and the risk of crashing an install due to an out of memory error.
For long running server instances, it might make sense to have ubuntu automatically update and install new packages. Documentation for this is in https://help.ubuntu.com/lts/serverguide/automatic-updates.html
The text was updated successfully, but these errors were encountered: