Re: non-disclosure of infrastructure problem a management issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rui Miguel Silva Seabra wrote:
> The first message...
> https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00008.h
>tml
>
> ... said:
>
> 	We're still assessing the end-user impact of the situation, but as a
> 	precaution, we recommend you not download or update any additional
> 	packages on your Fedora systems.
>
> This spells "*unsafe* to install packages, without saying specifically
> why" to me, what about you? :)

To me it looked like there was a problem with the performance or availability 
of the servers, and they didn't know how much downtime there would be or how 
bad the response times would be, and they wanted us to avoid updating to ease 
the load on the servers until they could fix the problem. That wouldn't make 
it unsafe to install packages although it might be difficult to download 
them.

I can also imagine that such a recommendation would be issued if a bug in the 
build system had caused corrupted packages or incorrect dependencies. In that 
case it could be said that it would be unsafe to install packages, but I 
might still choose to update some after ensuring that I could revert to an 
older version if necessary.

It wasn't until I saw the speculations here in fedora-list that I understood 
that there might be a risk that I would get backdoors installed if I updated. 
It's mostly by chance that I'm currently reading fedora-list. If I were only 
reading fedora-announce-list I might not have understood that there was a 
security risk until yesterday's announcement, and then I would probably have 
chosen to install some important security updates despite the recommendation.

It's simple, really: People won't follow instructions if you don't tell them 
why the instructions are important.

Björn Persson

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux