On 6/21/2011 5:36 PM, Karanbir Singh wrote:
> On 06/21/2011 09:26 PM, Les Mikesell wrote:
>> So, again, under what circumstances does anyone think it is a good idea
>> to not opt into this repo and instead keep running code that will very
>> likely have published exploits over a time span that we've seen can run
>> for months?
>
> Sounds like a good question to bring up at your next user group meeting.
> From the CentOS perspective, its important we give people the
> opportunity to get these packages as soon as possible so they can make
> their choice.
>
> I dont particularly care about their religious choice or their internal
> implementation policies, and this list isn't the place to bash them around.
Let's say we disagree about choosing to continue to run software with
known/published exploits. I think you need very, very, good reasons to
make that choice, which is why I think the choice should be opt-out, not
in. It may be a matter of faith one way or another, but I think there
is a lot more reason to risk installing the fixes than to leave it as a
matter of time until someone takes over your machines for DDOS attacks
against others or worse.
--
Les Mikesell
lesmikesell at gmail.com