Re: non-disclosure of infrastructure problem a management issue?

On Fri, Aug 22, 2008 at 10:36:21AM +1200, Clint Dilks wrote:
> Bjoern Tore Sund wrote:
>> It has now been a full week since the first announcement that Fedora  
>> had "infrastructure problems" and to stop updating systems.  Since  
>> then there have been two updates to the announcement, none of which  
>> have modified the "don't update" advice and none of which has been  
>> specific as to the exact nature of the problems.  At one point we  
>> received a list of servers, but not services, which were back up and  
>> running.
>>
>> The University of Bergen has 500 Linux clients running Fedora.  We  
>> average one reinstall/fresh install per day, often doing quite a lot  
>> more. Installs and reinstalls have had to stop completely, nightly  
>> updates have stopped, and until the nature of the problem is revealed  
>> we don't even know for certain whether it is safe for our IT staff to  
>> type admin passwords to our (RHEL-based, for the most part) servers  
>> from these workstations.

With 500 clients?
Are you pulling updates from the internet or are
you pulling from a local cache of "tested" updates?

Are you using site-specific kickstart config files that install local
yum config files, ssh keys, sendmail setup and sudo config files so your admins can
access the hosts without typing passwords?

What revision control of the config files?

I can see that the lack of updates would prove disconcerting,
but the inability to maintain day to day, another one just like
yesterday's install seems fragile.

In business school there is a strategy of "owning your own
dependencies". The long-term success stories in business include
strong control of resources that they depend on.

It is possible to manage yum and friends to allow only update packages re-signed by
your group at Bergen after testing them.

My last question -- what is the University of Bergen's written policy for
this type and other risks? Does university policy mandate the disclosure
that you expect from Red Hat?

----

In possible defense of RH, does anyone know what restrictions the US Department
of Homeland Security might impose? If I were RH I would have promptly called in
the authorities. Then with the conflict between Georgia and Russia catching
headlines, who knows how cautious and SLOW RH+DHS+FBI were. I do not
expect an answer... and just because some are paranoid, RH did get hacked...




-- 
	T o m  M i t c h e l l 
	Got a great hat... now what.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
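
The message above notes that yum can be restricted to packages re-signed by a local group after testing. As an added example that is not part of the original message, the script below audits yum repository definitions on a client and reports enabled repositories that skip signature checking or trust a key outside the site's approved set. The repository ids, URLs and the site key path are constructed for illustration, and a missing `gpgcheck` is treated as disabled (a `[main]` default in yum.conf is not consulted).

```python
import configparser

# Constructed sample of /etc/yum.repos.d/*.repo content. Repo ids, URLs and
# the site key path are hypothetical, not taken from the message.
SAMPLE_REPOS = """
[site-tested]
baseurl=http://mirror.example.internal/fedora/tested/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-site-example

[updates]
mirrorlist=http://mirrors.example.org/mirrorlist?repo=updates
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora

[site-scratch]
baseurl=http://mirror.example.internal/fedora/scratch/
enabled=1
gpgcheck=0

[updates-testing]
baseurl=http://mirrors.example.org/testing/
enabled=0
gpgcheck=0
"""

# Key the local group re-signs tested packages with (assumed path).
SITE_KEYS = {"file:///etc/pki/rpm-gpg/RPM-GPG-KEY-site-example"}
TRUE = {"1", "true", "yes"}

def audit_repos(text, approved_keys=SITE_KEYS):
    """Return {repo_id: reason} for enabled repos that bypass the site key."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    findings = {}
    for repo in cp.sections():
        sec = cp[repo]
        if repo == "main" or sec.get("enabled", "1").strip().lower() not in TRUE:
            continue  # yum treats a repo without "enabled" as enabled
        keys = set(sec.get("gpgkey", "").split())
        if sec.get("gpgcheck", "0").strip().lower() not in TRUE:
            findings[repo] = "gpgcheck disabled"
        elif not keys or not keys <= approved_keys:
            findings[repo] = "trusts a key outside the approved set"
    return findings

if __name__ == "__main__":
    print(audit_repos(SAMPLE_REPOS))
```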