unattended-upgrades should not be enabled by default

Bug #1836328 reported by vvhk on 2019-07-12
This bug affects 2 people
Affects                        Status
unattended-upgrades (Debian)   Won't Fix
unattended-upgrades (Ubuntu)

Bug Description

The unattended-upgrades package and the whole concept of upgrading software automatically behind the user's back is HARMFUL and the service/timer should NOT be enabled by default.

It harms the experience even for novice users, with applications like Firefox preventing opening links until you restart it (which is terribad if you're in the middle of some work and don't want to do that at THAT particular moment!), and some other applications crashing in some cases, especially applications that run sub-processes interactively or on timers/cronjobs -- where updates to their libs or other dependencies create error states due to version/API/ABI mismatches.

Please do not enable the service/timer by default and leave it to advanced users to enable assuming they understand the consequences.

The same problem plagues snaps but that's a different bug report I suppose.

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in unattended-upgrades (Ubuntu):
status: New → Confirmed
Balint Reczey (rbalint) on 2019-07-12
Changed in unattended-upgrades (Ubuntu):
status: Confirmed → Won't Fix
Balint Reczey (rbalint) wrote :

Individual packages can be fixed to deal with being upgraded while their executables are running. W3m for example keeps running fine and in my past experience Firefox just told the user to restart it but kept running.

There is automation in place to ensure restarting services relying on shared libraries for software packaged in Ubuntu, but there is not much unattended-upgrades can do to help software survive upgrades in case the software is not packaged as a .deb.
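
The failure mode the reporter describes (a long-running process whose libraries were swapped underneath it, leading to version/ABI mismatches) and the service-restart automation mentioned in the reply both hinge on one observable fact: after a .so is replaced on disk, processes that mapped the old copy keep the unlinked inode mapped, and the kernel flags those mappings with a "(deleted)" suffix in /proc/<pid>/maps. The following Python script is an added example, not code from this bug report, from the unattended-upgrades package or from Ubuntu's restart automation; it scans for that marker so an administrator can list processes still running on replaced libraries after an upgrade. The sample maps dump, the daemon name and the addresses in it are constructed.

```python
"""Find running processes whose mapped shared libraries were replaced on disk.

Added example (not part of the bug report or of unattended-upgrades). A
process that loaded a library before a package upgrade replaced the file keeps
the old, now-unlinked inode mapped; /proc/<pid>/maps shows such mappings with a
"(deleted)" suffix. Listing them is the classic way to spot processes that are
in the version/ABI mismatch state described in the thread and need a restart.
"""
import os
import re
from typing import Dict, Set

# Match a deleted mapping whose path looks like a shared library under
# /lib or /usr/lib (e.g. /usr/lib/x86_64-linux-gnu/libssl.so.1.1).
# Deleted non-library files (scratch files in /tmp, memfds) are ignored.
_LIB_RE = re.compile(r"^(/(?:usr/)?lib[^ ]*\.so(?:\.[0-9]+)*) \(deleted\)$")


def stale_libraries(maps_text: str) -> Set[str]:
    """Return the library paths in one /proc/<pid>/maps dump whose on-disk
    file has been replaced or removed since the process mapped them."""
    stale: Set[str] = set()
    for line in maps_text.splitlines():
        # maps columns: address perms offset dev inode pathname
        # maxsplit=5 keeps "pathname (deleted)" together in the last field
        parts = line.split(None, 5)
        if len(parts) < 6:
            continue  # anonymous mapping without a pathname
        match = _LIB_RE.match(parts[5])
        if match:
            stale.add(match.group(1))
    return stale


def scan_processes(proc_root: str = "/proc") -> Dict[int, Set[str]]:
    """Scan every PID under proc_root and map pid -> stale libraries.
    Processes that exit mid-scan or whose maps we may not read are skipped,
    so run as root for a complete picture."""
    result: Dict[int, Set[str]] = {}
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "maps")) as fh:
                stale = stale_libraries(fh.read())
        except OSError:
            continue
        if stale:
            result[int(entry)] = stale
    return result


# Constructed sample of a maps dump for a daemon that loaded libssl before an
# upgrade replaced the file; libc is current, the /tmp file is not a library.
SAMPLE_MAPS = """\
5584a3c00000-5584a3c2d000 r--p 00000000 fd:01 1311013 /usr/bin/example-daemon
7f1c2a000000-7f1c2a01d000 r--p 00000000 fd:01 1706290 /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (deleted)
7f1c2a01d000-7f1c2a0a8000 r-xp 0001d000 fd:01 1706290 /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (deleted)
7f1c2a200000-7f1c2a3e6000 r-xp 00000000 fd:01 1703915 /usr/lib/x86_64-linux-gnu/libc.so.6
7f1c2a500000-7f1c2a501000 rw-p 00000000 00:00 0
7ffd3b0f0000-7ffd3b111000 rw-p 00000000 00:00 0 [stack]
7f1c2a600000-7f1c2a601000 rw-p 00000000 fd:01 99 /tmp/scratch.dat (deleted)
"""

if __name__ == "__main__":
    print("constructed sample:", sorted(stale_libraries(SAMPLE_MAPS)))
    # Live scan of the host this runs on (needs root to read other users' maps).
    for pid, libs in sorted(scan_processes().items()):
        print(pid, sorted(libs))
```

The check is deliberately conservative: it only reports paths that look like shared libraries under /lib or /usr/lib, because a "(deleted)" mapping of a scratch file or a memfd is normal and not a sign of a stale upgrade. It also says nothing about helpers a program spawns later (the Firefox case, where new sub-processes fail because the on-disk install no longer matches the running one), since those files are not mapped yet; that situation needs an application-level check rather than a maps scan.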

Unfortunately you can't fix individual packages, and you're a bit wrong about Firefox. Yes, it keeps running, but it does not open new tabs/sub-processes until it's restarted, so effectively it's in a crippled state, which, depending on what you're working with through it, may constitute a Denial of Service.

The simplest solution is not to change underlying software without user intervention, by default.

An information system that modifies its own code unexpectedly, without user intervention (which happens here as the user is not warned there's an update and asked if they want to proceed), is effectively a compromised system and that behavior is closed to malware.

Please reconsider removing unattended-upgrades operating by default.

s/closed to/close to/ .

Changed in unattended-upgrades (Debian):
status: Unknown → Won't Fix