[LINK] OSS means slower patches
lannet at lannet.com.au
Wed Sep 21 08:28:44 EST 2005
One problem with auto-updating is that it is not always a good idea and
many corporations don't allow it. They prefer to have managed updates
where the effect of the updates is tested in a non-critical environment
first. Just think how many M$ updates have been found to be problematic.
Glen Turner wrote:
> Howard Lowndes wrote:
>> Glen Turner wrote:
>>> OSS does bring some interesting security issues of its own.
>>> For example, I find the lack of a timebomb in Linux distributions
>>> with a limited supported life to be very frustrating (yes,
>>> Fedora Core, I mean you).
>> Glen, what's your implication by that remark? I'm interested because
>> I use FC. If you're saying that they roll out versions too rapidly
>> then I would probably agree (FC5 is due in a couple of months), or is
>> it because FC1 & FC2 have been abandoned? I have found that the
>> upgrade process from FC3 to FC4 is reasonably seamless, though
>> painfully slow.
> The implication is that you've got machines out there
> that haven't been upgraded (which is a manual process),
> are not being automatically patched (since the source
> of automated patching isn't making new patches available),
> but are still connected to the Internet. Give those machines
> time and they will be hacked.
> I'd have thought that Red Hat could have easily put in a
> cron job which shuts down the Internet-facing interface
> of a machine which is running past the expected expiry
> date of patch support.
> If third parties want to extend support they can easily
> increase the date (say in "/etc/redhat-expiry") to a value
> they think is reasonable, as can users who want to take
> the risk of running an unsupported OS (say by "chkconfig
> redhat-expiry off").
LANNet Computing Associates - Your Linux people <http://lannet.com.au>
When you just want a system that works, you choose Linux;
When you want a system that just works, you choose Microsoft.
Flatter government, not fatter government;
Get rid of the Australian states.
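
The expiry check proposed in the quoted message, sketched as an added example that is not part of the original thread and is not Red Hat code. /etc/redhat-expiry is the hypothetical file named in the post; the one-line YYYY-MM-DD format, the function names and the ENFORCE switch are assumptions.

```shell
#!/bin/sh
# Daily cron sketch: compare today's date with the date stored in the expiry
# file and take the Internet-facing interface down once support has lapsed.

is_iso_date() {
    case $1 in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) return 0 ;;
        *) return 1 ;;
    esac
}

# Print "supported", "expired" or "invalid" for expiry file $1 on date $2.
expiry_status() {
    expiry=$(head -n 1 "$1" 2>/dev/null) || expiry=
    if ! is_iso_date "$expiry" || ! is_iso_date "$2"; then
        echo invalid
        return
    fi
    # ISO dates sort the same way as the integers left after removing "-".
    if [ "$(echo "$2" | sed 's/-//g')" -gt "$(echo "$expiry" | sed 's/-//g')" ]; then
        echo expired
    else
        echo supported
    fi
}

# Act on the status of file $1 for interface $2 on date $3. The command is
# only printed unless ENFORCE=1, so the logic can be tried without root.
enforce_expiry() {
    status=$(expiry_status "$1" "$3")
    case $status in
        expired)
            if [ "${ENFORCE:-0}" = 1 ]; then
                ip link set dev "$2" down
            else
                echo "would run: ip link set dev $2 down"
            fi ;;
        invalid)
            # Choice made in this sketch: a missing or malformed file is
            # reported and nothing is shut down.
            echo "warning: no valid expiry date in $1" >&2 ;;
    esac
}

# Cron usage (assumed): script /etc/redhat-expiry eth0 "$(date +%Y-%m-%d)"
[ "$#" -ne 3 ] || enforce_expiry "$1" "$2" "$3"
```

Extending support is then a matter of writing a later date into the file, as the post suggests.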