[CentOS] security compliance vs. old software versions
Les Mikesell
lesmikesell at gmail.comWed Jun 30 22:03:41 UTC 2010
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 6/30/2010 4:39 PM, m.roth at 5-cent.us wrote: >> companies/business units/administrators police themselves so you need >> metrics for someone else to test with. And even internally you need to >> document why the failure of any standard check should be overlooked. > > No, the security people should have defined requirements specifically for > our environment, rather than using something that's designed, say, for a > std. corporate IT dept. I like the sentiment, but the people making the situation-specific rules would need to know more than the people actually doing the work which doesn't seem likely to happen. And there's some value in making everyone follow the same rules. -- Les Mikesell lesmikesell at gmail.com
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list