On 12/23/20 11:43 PM, Gordon Messmer wrote:
It's pretty close, with one significant caveat: for (roughly) two months out of the year, CentOS doesn't get any updates at all, including security patches. For me, that's an awfully big risk. I would much rather get features on a regular basis than go without security patches for a month, twice per year.
Every CentOS user accepts this as part of the "free" offering. Anyone that has problem with this gap has bought RHEL subscription, as would have I if it was important enough for me.
But I would not have said there are no security for entire 2 months because CentOS devs have been pushing important security updates into CR repooitory for instance, if I remember correctly. But again, you are either OK with the wait or you buy RHEL subscription, that was the deal everyone accept. I have 3-4 CentOS servers that are inside firewall and have no internet access other then SSH with ports to them turned on only when I need to access them. On intranet side all employees (3-10 people) access shares with different users but same password (to avoid confusing them since all have physical access to every PC and usually jump in when other is unavailable). I do not update them more frequently then once every few months, so I do not loose anything if I have to wait. I only have one public facing server that I update regularly but since there are no industrial secrets on it only few websites and a mail server, I am not in need of SWAT team protecting it.