[CentOS] Update to Centos 5 anaconda kickstart %post bug?

Scott Silva ssilva at sgvwater.com
Fri Jan 9 00:45:36 UTC 2009


on 1-8-2009 3:41 PM Lanny Marcus spake the following:
> On Thu, Jan 8, 2009 at 6:33 PM, Scott Silva <ssilva-m4n3GYAQT2lWk0Htik3J/w at public.gmane.org> wrote:
>> on 1-8-2009 3:14 PM Warren, Eucke spake the following:
> <snip>
>>> I appreciate the response.  If you recall I did post the link so it's a
>>> safe assumption that I read the page and understood it's content.  What
>>> I'm after is whether there's any other information channel that might
>>> not be so obvious for seeing if there might be action coming up for an
>>> particular issue.  Being in a highly regulated industry the legal
>>> department has a tough job.  I work within the guidelines they set.
>>>
> <snip>
>>> I am restricted to 5.1 as approved by legal.  5.2 is not approved so 5.3
>>> isn't an option either.  Once I can sort out whether something
>>> "official" will fix this I can then determine how to pursue this
>>> internally.  A workaround fix does not address that the kickstart-built
>>> system will still contain this bug as it will be built from RPM's that
>>> are not fixed.
> 
>> You might want to hint to your legal department that unpatched servers sitting
>> on the internet are just waiting to be hacked and exploited.
>> The fact that they make you sit with an older version without any patches says
>> that they have no idea how much damage can be done, or how much info can leak
>> from unpatched systems.
>>
>> Maybe if a million customer records leak out because they won't let you patch
>> systems they might update their thinking.
> 
> Well said Scott. They are in the gambling business and I fully support
> what the Nevada Gaming Commission (or those in other states) does.
> However, I cannot imagine they want Software that has been updated for
> Security or Stability reasons not to be updated.
> <http://www.wms.com/aboutwms.php> Lanny
I thought the gaming industry used the IBM midrange equipment almost
exclusively, or maybe that is only on their backend systems that actually
control the machines.

Maybe the legal department doesn't realize that once updated, it is a
different version. Many other people on this list have had that impression
through the years.


-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.centos.org/pipermail/centos/attachments/20090108/0fb241f4/attachment.bin 


More information about the CentOS mailing list