SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-22-2008, 12:27 PM
| ||||
| ||||
 Re: system auto security update over night On Tuesday 16 May 2006 01:43, Sandro guly Zaccarini wrote: > On Tue, May 16, 2006 at 10:20:45AM +0000, Steffen Wendzel wrote: > openbsd team work with security in mind. > automagically-download-patch-install-upgrade is NOT security. if you > have 1/2 systems, you do not need no automation. if you have a lot of, > you can waste a couple of minutes to install a build-my-binary-patch > box. > this is insane, think about what will your boss do if your automagical > upgrade broke your mysql (like debian does). think about it a while. For a good example of what it takes to do a quality patching system, look at Redhat. Look at all the aspects of their system (from up2date or yum) to their package manager (rpm with GPG signed packages for integrity) to their patching policy (back-patching security problems for the lifetime of the distribution release, 7 years). IMHO, that's what it takes for a real secure enterprise level patching system, and I doubt the openbsd developers would want to develop anything less secure, and I doubt they have the resources to implement something equivalent to this anytime soon. Mainly because of the back-patching. The rest is easy to implement or build, but the back-patching is very resource intensive. -- - Kevan Benson - A-1 Networks - 707-570-2021 x202      |
Linear Mode
