[Bug 1700930] Re: Default action policy for "Security Updates" changed between 14.04 and 16.04
Sebastien Bacher
seb128 at ubuntu.com
Fri Jul 28 13:35:18 UTC 2017
Reassigning to unattended-upgrades which is what has the configuration,
software-properties is just a frontend allowing to edit it
** Package changed: software-properties (Ubuntu) => unattended-upgrades
(Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1700930
Title:
Default action policy for "Security Updates" changed between 14.04 and
16.04
Status in unattended-upgrades package in Ubuntu:
Confirmed
Bug description:
In Ubuntu 14.04.5, the default policy under the "Updates" tab for
"Security Updates" is set to "Display Immediately".
In Ubuntu 16.04+, the default policy is now "Download and Install
Immediately".
I think this occurred due to the fix rolled out for bug #1554099.
This has the following consequences:
- Users may be denied apt lock when trying to install software because
unattended-upgrades is running in the background.
- If a shutdown is forced when the background update is running, users
may be left with an unstable system
- In case the update server is compromised and made to deliver
malware, the blow to the userbase will be massive
- From a PR standpoint, this moves away from the previous "your system
won't ever do stuff without your permission" default policy.
I'm of the opinion that the "Display Immediately" default should be
rolled back. Failing that at least an official policy change
announcement should be published so that users are made aware of this
new default.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1700930/+subscriptions
More information about the foundations-bugs
mailing list