On 12/23/20 11:43 PM, Gordon Messmer wrote: > It's pretty close, with one significant caveat: for (roughly) two months > out of the year, CentOS doesn't get any updates at all, including > security patches. For me, that's an awfully big risk. I would much > rather get features on a regular basis than go without security patches > for a month, twice per year. Every CentOS user accepts this as part of the "free" offering. Anyone that has problem with this gap has bought RHEL subscription, as would have I if it was important enough for me. But I would not have said there are no security for entire 2 months because CentOS devs have been pushing important security updates into CR repooitory for instance, if I remember correctly. But again, you are either OK with the wait or you buy RHEL subscription, that was the deal everyone accept. I have 3-4 CentOS servers that are inside firewall and have no internet access other then SSH with ports to them turned on only when I need to access them. On intranet side all employees (3-10 people) access shares with different users but same password (to avoid confusing them since all have physical access to every PC and usually jump in when other is unavailable). I do not update them more frequently then once every few months, so I do not loose anything if I have to wait. I only have one public facing server that I update regularly but since there are no industrial secrets on it only few websites and a mail server, I am not in need of SWAT team protecting it. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe StarOS, Mikrotik and CentOS/RHEL/Linux consultant