[CentOS-devel] Before You Get Mad About The CentOS Stream Change, Think About…

On 12/23/20 11:43 PM, Gordon Messmer wrote:
> It's pretty close, with one significant caveat: for (roughly) two months
> out of the year, CentOS doesn't get any updates at all, including
> security patches.  For me, that's an awfully big risk. I would much
> rather get features on a regular basis than go without security patches
> for a month, twice per year.

Every CentOS user accepts this as part of the "free" offering. Anyone
that has problem with this gap has bought RHEL subscription, as would
have I if it was important enough for me.

But I would not have said there are no security for entire 2 months
because CentOS devs have been pushing important security updates into CR
repooitory for instance, if I remember correctly. But again, you are
either OK with the wait or you buy RHEL subscription, that was the deal
everyone accept. I have 3-4 CentOS servers that are inside firewall and
have no internet access other then SSH with ports to them turned on only
when I need to access them. On intranet side all employees (3-10 people)
access shares with different users but same password (to avoid confusing
them since all have physical access to every PC and usually jump in when
other is unavailable). I do not update them more frequently then once
every few months, so I do not loose anything if I have to wait.
I only have one public facing server that I update regularly but since
there are no industrial secrets on it only few websites and a mail
server, I am not in need of SWAT team protecting it.


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant