[CentOS] Design changes are done in Fedora

Mon Jan 12 02:24:17 UTC 2015
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On Sun, January 11, 2015 7:29 pm, Keith Keller wrote:
> On 2015-01-12, Valeri Galtsev <galtsev at kicp.uchicago.edu> wrote:
>> PS I guess I just mention it. I'm quite happy about CentOS (or RedHat if
>> I
>> look back). One day I realized how happy I am that I chose RedHat way
>> back, - that was when all Debian (and its clones like Ubuntu,...) admins
>> were fighting with the consequences of this:
>> http://www.debian.org/security/2008/dsa-1571 . If I had Debian machine I
>> would not only regenerate all key pairs, certs, etc. I would question
>> sanity of that box then, and will not be certain what confidential stuff
>> could have been stolen from it... I realized then that that level big
>> flop
>> never happened to RedHat. I couldn't even point to something that would
>> constitute big flop RedHat of then. One only criticizes something while
>> one cares about it ;-)
> Heartbleed was pretty scary, no?  I'd consider that at least as bad as
> the predictable number generator issue.

Well, heratbleed and shellshock were pretty much global: all systems (not
only Linuxes, not to say particular Linux distributions - my FreeBSD boxes
were affected too) using openssl or bash were affected... Same bad, yet
these were not flops of particular distribution, so whichever system you
decided to stick with , you had these. Not certain about you, but this
kind of makes difference for me. When I say I'm happy about [me choosing
way back] RedHat heartbleed, no heartbleed, no difference.


Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247