[CentOS] CentOS Project Infrastructure

Wed Aug 12 00:21:13 UTC 2009
Max Hetrick <maxhetrick at verizon.net>

Marko Vojinovic wrote:

> Why don't you go with the SL or even pay RH, if you are that concerned about 
> hacking attempts? It seems clear that CentOS is not a good distro for you if 
> you are not satisfied with its update schedule. I believe it is better to make 
> a different choice of distro, than to ask for substantial changes in the 
> current one, especially if other people should do that extra work for you.
> 
> And please don't tell me that SL has other flaws. If security is your first and 
> most important concern, the best thing is to buy RH, it is definitely worth it.
> If you cannot invest money, go with SL, they have faster updates. If things 
> break, well, at least you didn't get hacked. You should evaluate what is best 
> for your situation and go with it, not ask CentOS to be both rock-solid and 
> fast with updates at the same time.


First off, after reading this thread, or should I say book, entirely, 
like a few others have said, I thank the CentOS developers greatly for 
all that they do. They spend an incredible amount of time keeping this 
project going, and I think they do a great job at it, considering it 
costs nothing to us as users.

What we do at my employer is exactly that. We pay for RH support and 
updates on business critical servers, and servers that are facing the 
outside world. We get our updates quickly, and have support available 
should we need it on those machines that we feel are critical in this 
regard to security and support.

CentOS fits into our organization by utilizing it for all non-critical 
deployments, PCs/workstations where they can be used, along with 
terminals and backup servers inside the network. A lot of our CentOS 
installations are actually virtualized too. It works out perfectly for 
us this way.

If you absolutely need updates and your main concern is security, buy 
some RH support on all machines that you're worried about. Then utilize 
CentOS on the inside where it's probably not so critical that a patch 
isn't applied for a few weeks.

This philosophy has served us very well over the years, and we've never 
had any issues in this regard. CentOS saves our non-profit organization 
a lot of money every year by applying this configuration, and we get the 
feel good fuzzy feeling that we have outside machines patched immediately.

While I think there probably are or have been some communications issues 
with CentOS, I don't think it warrants beating up the developers over 
it. I cannot begin to understand the build process, since I'm not a 
developer, but I think people need to cut some slack to those that offer 
you a product free of charge.

Personally my company chooses and sticks with CentOS because it has been 
rock-solid, and is always 100% compatible with upstream, which is 
important to us.

I'm a very unimportant CentOS user, but this is how my company runs 
things, and how we feel, and perhaps you should consider this as well.

Regards,
Max