[LINK] OSS means slower patches

Howard Lowndes lannet at lannet.com.au
Wed Sep 21 08:28:44 EST 2005


One problem with auto-updating is that it is not always a good idea and 
many corporations don't allow it.  They prefer to have managed updates 
where the effect of the updates is tested in a non-critical environment 
first.  Just think how many M$ updates have been found to be problematic 
when implemented.

Glen Turner wrote:
> Howard Lowndes wrote:
> 
>> Glen Turner wrote:
>>
>>> OSS does bring some interesting security issues of its own.
>>> For example, I find the lack of a timebomb in Linux distributions
>>> with a limited supported life to be very frustrating (yes,
>>> Fedora Core, I mean you).
>>
>>
>>
>> Glen, what's your implication by that remark?  I'm interested because 
>> I use FC.  If you're saying that they roll out versions too rapidly 
>> then I would probably agree (FC5 is due in a couple of months), or is 
>> it because FC1 & FC2 have been abandoned?  I have found that the 
>> upgrade process from FC3 to FC4 is reasonably seamless, though 
>> painfully slow.
> 
> 
> The implication is that you've got machines out there
> that haven't been upgraded (which is a manual process),
> are not being automatically patched (since the source
> of automated patching isn't making new patches available),
> but are still connected to the Internet.  Give those machines
> time and they will be hacked.
> 
> I'd have thought that Red Hat could have easily put in a
> cron job which shuts down the Internet-facing interface
> of a machine which is running past the expected expiry
> date of patch support.
> 
> If third parties want to extend support they can easily
> increase the date (say in "/etc/redhat-expiry") to a value
> they think is reasonable, as can users who want to take
> the risk of running an unsupported OS (say by "chkconfig
> redhat-expiry off").
> 

-- 
Howard.
LANNet Computing Associates - Your Linux people <http://lannet.com.au>
-- 
When you just want a system that works, you choose Linux;
When you want a system that just works, you choose Microsoft.
-- 
Flatter government, not fatter government;
Get rid of the Australian states.
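
The expiry check Glen Turner proposes in the quoted text, sketched as an added example; it is not part of the original thread and not Red Hat code. The one-line YYYY-MM-DD format of /etc/redhat-expiry, the eth0 interface name and the --enforce flag are assumptions, and a missing or malformed file results in no action rather than a self-inflicted outage.

```shell
#!/bin/sh
# Added illustration of the proposed end-of-support check (not Red Hat code).
# Assumption: the first line of the expiry file is an ISO date, YYYY-MM-DD.

EXPIRY_FILE="${EXPIRY_FILE:-/etc/redhat-expiry}"   # path named in the thread
IFACE="${IFACE:-eth0}"                              # assumed Internet-facing interface

# expiry_status FILE TODAY -> prints supported | expired | unknown
expiry_status() {
    file=$1
    today=$2
    if [ ! -r "$file" ]; then echo unknown; return 0; fi
    expiry=$(head -n 1 "$file" | tr -d '[:space:]')
    case $expiry in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;    # malformed date: do not guess
    esac
    # ISO dates compare as plain integers once the dashes are removed.
    t=$(echo "$today" | sed 's/-//g')
    e=$(echo "$expiry" | sed 's/-//g')
    # Support runs through the expiry date itself; the day after is expired.
    if [ "$t" -gt "$e" ]; then echo expired; else echo supported; fi
}

# enforce FILE TODAY IFACE [dry-run] -> prints the action taken
enforce() {
    status=$(expiry_status "$1" "$2")
    case $status in
        expired)
            if [ "${4:-}" = dry-run ]; then
                echo "would-disable $3"
            else
                ip link set dev "$3" down && echo "disabled $3"
            fi ;;
        unknown) echo "no-action (expiry file missing or malformed)" ;;
        *)       echo "no-action" ;;
    esac
}

# Intended to be called daily from cron with --enforce; without the flag
# the script only defines the functions and changes nothing.
if [ "${1:-}" = "--enforce" ]; then
    enforce "$EXPIRY_FILE" "$(date +%Y-%m-%d)" "$IFACE"
fi
```

Extending support, as the thread suggests, is then a matter of writing a later date into the expiry file.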


