• poinck@lemm.ee
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    8 months ago

    Did you think of testing security updates on a staging environment before going in production with it, if you suspect in can break things?

    I think there is no excuse to apply security fixes wich have a CVE number.

    If you are on Debian stable unattended updates are not a problem.

    • 0x4E4F@lemmy.dbzer0.comOP
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      edit-2
      8 months ago

      See, building and configuring a staging environment also takes time and money… money which they are not willing to spend on something “for testing” and not in actual use. Plus, I’m not gonna get paid for doing that either, so why actually do it… to be honest, I would do it, even for free, but you gotta caugh up the money for the hardware man. I’ve been told “just use what you have in the scrap pile”… for what, a server 🤨? Are you serious? They barely spend any money on that even, why should I bother creating something as e staging environment.

      • poinck@lemm.ee
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        This sounds so horrible, I would consider finding a better employer. I hope, you are not stuck with them.

        • 0x4E4F@lemmy.dbzer0.comOP
          link
          fedilink
          arrow-up
          1
          ·
          8 months ago

          Actually, I kinda am. Can’t really afford to spend a month or two without pay, so if I do find anything better (which I seriously doubt, every company here is more or less the same regarding IT practices), it would have to be a drop in replacement, which is also hard to do here (they’re gonna try and squeeze as much free labour as possible from you, so you’ll probably be stuck with a 200, 250 euro freelance salary for the next month or two, and as I said, I just can’t afford to do that right now, money is tight, got a family now).