New kernel, should be the default

Rodolfo J. Paiz rpaiz at simpaticus.com
Tue Oct 12 22:43:21 UTC 2004 

On Mon, 2004-10-11 at 06:12 -0400, ne... wrote:
> On Oct 10, 2004 at 17:30, Rodolfo J. Paiz in a soothing rage wrote:
> 
> >the question is [...] what
> >we as a community believe is the best default behavior.
> 
> Then that is most definitely to use what is known to work, ie
> the old kernel.
> 

I see it this way:

For test releases, what we want is for people to try and test the new
kernel. So defaulting to it makes sense to me. For stable releases, I
see three reasons for defaulting to the new kernel:

	1. The old kernel is not always "what is known to work." Many times
(perhaps most?) the old kernel is "what is known to have a security
hole" which is why the new kernel was issued in the first place. New
kernels are not issued for stable releases "just because" or with any
less-than-sterling features enabled... after all, that's why it's a
stable release and not a test release.

*Not* defaulting to the new kernel risks leaving many thousands of less-
expert (or downright clueless) users running a vulnerable system unless
they find their way into a rather critical system file and edit it by
hand every time. So honestly I feel leaving the old kernel active by
default is, to some extent, a security risk.

	2. The greater good of the greater number. I think (note,
think/believe/conjecture/opine) that a MUCH larger majority of users
will prefer having the new kernel updated after they've specifically
asked for it not to be skipped in the update cycle. I think the users
who want up2date or yum to fetch/install/configure the new kernel but
*not* to make it active are in the small minority.

> >I understand your preference but believe that you are in a small
> >minority. I think the majority of users are "protected" enough by having
> >to specifically request that the kernel be updated instead of skipped,
> >
> You naturally have the figures to back this up?
> 

I apologize if the words "think" and "believe" were not clear enough,
but I could have sworn they were pretty obvious. I don't have, and will
bet money that you don't have, any statistics to back up my thoughts on
this.

But I *also* think that you are only looking at this in terms of what
*you* want or prefer, based on the kind of user you are, and that you
are not considering the best possible result for the Fedora users
community as a whole.

Feel free to disagree if you wish.

-- 
Rodolfo J. Paiz <rpaiz at simpaticus.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-test-list/attachments/20041012/a794cc6e/attachment.sig>

More information about the fedora-test-list mailing list