[CentOS] CentOS Project Infrastructure

Ron Blizzard rb4centos at gmail.com
Wed Aug 12 01:42:15 UTC 2009


On Tue, Aug 11, 2009 at 5:25 PM, Ian Murray<murrayie at yahoo.co.uk> wrote:
> I am troubled by the window of opportunity that a hacker has between RH
> releasing a point release and CentOS releasing the equivalent. Every RH
> published errata for that stream is a known weakness to your system and
> there is not a sausage you can do about it until the CentOS project delivers
> the point release. The quicker it is, the less of a problem, but the slower
> it is, the more exposed you are. CentOS have not exactly been knocking out
> the updates very quickly.

If security and immediate updates is your main criteria, then you
probably are better off with RH. But a lot of people use CentOS and,
as far as I can tell, there have not been any major security problems
caused by the unavoidable delay between RH's release and CentOS's
release. But, as someone else mentioned here, a mixture might be your
best option. RH on critical servers and CentOS on less critical ones.

-- 
RonB -- Using CentOS 5.3



More information about the CentOS mailing list