On Thu, Aug 21, 2008 at 8:51 PM, Matthew Miller <mattdm@xxxxxxxxxx> wrote: > On Thu, Aug 21, 2008 at 02:22:41PM -0400, max wrote: >> Informing people of the dangers is the right thing to do, forcing them down >> your path is never the right thing to do. > > Here's the thing: they're on that path, the path we put them on by making > Fedora so attractive. The path, however, leads to the top of a big cliff, > below which swim hungry sharks. We should definitely put some signs at the > top of the cliff. And we should do this: put a net to catch anyone who falls > over anyway. If preventing network access is a good thing to do at end of life, shouldn't security updates be forced on users as well. If security updates aren't going to be mandatory, perhaps the system should use the autodie measures every few months to prevent network access as well. Un-applied security patches are just as bad as using an EOL system. Also, I don't think that removal of a default route goes far enough. If there's one EOL system on the network, there are probably more. All networking should be disabled. Otherwise, a user may re-enable one machine only to have it compromised. The exploit could search out other machines on the local network, re-enable their default routes and use them for its nefarious purposes. -- James Hubbard -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
