[CentOS-devel] [off topic] Oracle Lnux

Johnny Hughes johnny at centos.org
Fri Jan 5 09:51:38 UTC 2007


On Fri, 2007-01-05 at 10:14 +0100, Daouda Lo wrote:
> On 1/5/07, Johnny Hughes <johnny at centos.org> wrote:
> > On Thu, 2007-01-04 at 07:56 -0200, TEOTONIO wrote:
> > > Hello all,
> > >
> > > this is my first post. :-)
> > >
> > > Enterprise Linux Oracle is Centos or is based on Centos???
> > >
> > > Sory my bad english :(
> > >
> > > I am a author of distro Libertas based on Fedora Core 3.0, instaled in
> > > plus 9000 PCs on scholl LAN (Belo Horizonte-MG Brazil).
> > >
> >
> > Well ...
> >
> > CentOS is based on the source files released here:
> >
> > http://ftp.redhat.com/pub/redhat/linux/
> >
> > Oracle Unbreakable Linux is based on the same source files.
> >
> > Oracle did also take some of the work that we have done (our changes to
> > above linked source files) and incorporated it into their product.
> > CentOS is GPL, so there is nothing wrong with that ... though they
> > should have that in their press and they don't.
> >
> > Still I would objectively say, that for the most part their product is
> > based on the RHEL sources (as CentOS only changes maybe 2% of the files
> > for artwork/trademark reasons) ... but they have certainly also based
> > their changes {on the files that need changing} on our work as well.
> >
> > Now ... if they would stop giving away free ISOs with security issues
> > and not allowing those to be updated for free, their potential customers
> > could actually deploy their product for testing and not fear that their
> > servers would be owned.
> >
> > Oracle REALLY, REALLY, REALLY needs to rethink this policy ... giving
> > away free ISOs that contain packages with known security vulnerabilities
> > and not providing free security updates is wrong headed and ABSOLUTELY
> > IRRESPONSIBLE.
> >
> > I can't understand how they can sleep at night.
> 
> It's the same policy as RedHat and its RHN thingie. Both ORacle and
> Redhat provide fee-based updates.

Not the same at all ... Red Hat does not give away fully functioning
ISOs for free and not provide access to updates.  They allow access to
the ISO and the updates via RHN ... so if you got the ISO from them, you
have updates.

They also provide a 30 day trial to and ISO and to the updates.

Oracle gives away the ISO for free and provides no updates at all.
Those are very different.  The minute you install Oracle Linux for
testing, it is a security risk with no way to fix it.  That's fine
behind a firewall ... it is not if that machine touches the Internet.

> Fedora and Centos are the ways to go if you want to be totally free.

I don't disagree with that.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20070105/17f79e22/attachment.sig>


More information about the CentOS-devel mailing list