Install PostgreSQL from official 3rd party repo As apt needs to run as root, a malicious package can do untold amounts of damage to your system and data. That is even more so on a production server.
so no malicious actor can get write access). I would recommend that you DO NOT ever install packages from random apt repos that you may find, unless you trust the provider, not just that they won't do anything malicious, but also that they will act in a responsible way and ensure the security of the repository is not compromised (e.g. Always be careful when installing software from third parties. When available, one of the easiest, and likely best is to use a third party apt repository. In that scenario, there are often a range of install options. However sometimes there are features in a newer version which you really need - or perhaps you just want to test them out. That means that your system will remain relatively secure (reboots are still required for kernel and other low level components - but otherwise security updates are auto applied nightly). It allows us to ship with automated security updates enabled and the risk of things going badly are relatively low. The rationale for that is that then automated security updates are relatively safe. Where possible, we recommend that TurnKey users just use the packages provided by the Debian (or TurnKey) official apt repos.
I started answering his support request, but then thought I might as well post this on the blog as perhaps it provides value for others?!įirstly, some context and background. He noted that he was interested in Postgres 14 or higher because of the new IVM extension (incrementally updating materialized views). TurnKey Hub user Vishal recently asked about installing PostgreSQL v14+ on TurnKey.
0 kommentar(er)
