On Sat, May 22, 1999 at 09:40:06PM +0300, Alex Shnitman wrote:
> Gaal Yahas writes:
>
> > 1. Red Hat are producing a system, not bundling software. They
>
> True. IMHO Red Hat should try to push these changes to the official
> kernel though. I wonder why they don't do that (and keep on their own)
> -- it'd benefit them at least as much as the rest -- they won't have
> to reapply them each time a new kernel is released.
because some of these things have big interfaces to userland
stuff, and because of incompatibilities. let me guess: you don't
have the same init scripts (/etc/rc.d/) as I do, right? it won't
make sense to install rh initscripts on a debian system.
as for the current diffs - yes, I am ashamed to say I really don't
know what they are. but I _can_ understand why they exist. when a
developer is working on a feature, a local checked out dev tree is
almost essential. Yes, merges are panful, but this is a balance
with faster feature development.
> > 2. Red Hat are, IMHO, one of the best *nix vendors in terms of
> > security behaviour, responsibility, etc. In fact, I'd place them
> > second only to OpenBSD. They organize audits on existing code,
> > are extremely prompt in fixing problems, and do not hide any
> > information from their customers, whether paying or not. They
> > are very professional about this.
>
> I'd say that the difference between OpenBSD and the rest is that the
> OpenBSD folks fix the bugs before they are discovered and the rest fix
> them after. Just about every bug report on BUGTRAQ is greeted with the
> standard Theo message "where have you been, we fixed that back in '97"
> or so. :-)
Oh, things like that happen to every vendor, but Theo Deraadt has an
agenda <g>. Hmmm, Imagine the following hypothetical conversation:
BG: hey listen up, people! we made this cool thing that lets
you put a file on one drive, and point to it from another
subdirectory!
DR [to KT]: what's he talking about?
KT [to DR]: shhh, I know. [to MS]: oh yeah, symbolic links. we
had those back in '75 I think.
DR [to KT, whispers]: what's a "drive"?
BG: Oh, drat. And I had been thinking of putting them in NT2000.
But wait! I have this excellent feature, it goes like this:
when somebody sends you a packet with the urgent data flag
set, and the pointer to the data points to outside the packet,
the system doesn't crash!
DR and KT: get outta here!
--
believing is seeing
[EMAIL PROTECTED]
http://www.forum2.org/gaal/
