On Thu, 9 Apr 2020 at 08:40, Simon Matter via CentOS <centos@xxxxxxxxxx>
wrote:
> > On Thu, Apr 09, 2020 at 11:06:45AM +0200, Nicolas Kovacs wrote:
> >> Which leads me to the more general question of: enable CR on a
> >> production
> >> server, yes or no?
> >
> > Not on production. Only for testing.
>
> I'm not sure. Running production environments without CR enabled means
> you're running without current security updates for quite some time. Seems
> a bad and risky idea to me.
>
>
Like most things in the world, there is no single answer which will satisfy
all the different demands that all the environments have. You have to weigh
what each environment needs in terms of confidentiality, availability, and
integrity (or whatever 3 or 4 letter acronym your site uses) then answer if
it is a good idea or not. If you need high availability, then you are going
to set things up where testing is done first then roll out of updates is
done. If you need high confidentiality, you may push out security updates
more and if you need high integrity, well you probably make the waterfall
model look simple in what you have to do to make sure anything changes
anywhere.
> Regards,
> Simon
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
--
Stephen J Smoogen.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
