[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RedHat 7 distribution cds



Nadav Har'El wrote:
> Installing Redhat 7 (or Redhat 6.2, or Madrake, or Debian, or anything older
> than one month), without installing all the updates is the computer-security
> equivalent of suicide....

While I agree with this 100%, to me, a simple thing like having a working
C library and C compiler are far more important. Now that there is a
production release of the gcc-2.96 and glibc-2.2, I would stick with those
on an RH 7 system before I would try a 7.1 and hope. 

For a while there, I was running with the "other" C compiler (egcs) that
came with RH7, but programs that used glibc failed in strange ways
with the included glibc.  

BTW in our mixed version environment open-ssh did not work with the
ssh-1.26 we are running on some machines and I went back to ssh-1.26. 
SSH-KEYGEN was one of the things that failed until I upgraded glibc.

Financialy Red Hat is in the toilet, and they are producing releases
faster than they have ever done before. (worse than the 6-6.1-6.2
fiasco). Which IMHO should have been 6.0 beta 1, 6.0 beta 2 and 6.0
prod.  One of the programers who has since left for our New York office,
Sasha Belikoff, was offically part of the beta for 6.0, but I was the
one who found the bugs. He just got the glory (and the free copy). :-)

It's not all RH's fault. They are not to blame for the unreliable NFS in
the late 2.2 kernels that persisted up to the production release of 2.4 

> So when you get a relatively old distribution (say, over one month), make
> sure the same person also gives you all the current updates; downloading it
> all yourself from the Internet can be a real pain (Redhat 7 security updates
> now are over 100MB, although certainly some are much more important than
> others), and connecting to the Internet without doing these updates is as
> wise as going to a Linux convention wearing an "I Love Microsoft" T-shirt :)

That's what wget is for. Also note that there were two 7.0 releases,
7.0 and 7.0 "respin". Spin doctoring for "we really messed this one up".


> Use the ipchains, Luke!

And the host.allow and host.deny files too.

I'm on vacation until late next week, but I'd gladly provide rh7 disk 1
and 2 to anyone who needs it and can arrange to pick it up. (in Jerusalem
or Tel Aviv). I guess I need to download the security upgrades too,

Geoff.

--
Geoffrey S. Mendelson
Tel:  972-(0)3-6944-211  Fax: 972-(0)3-6944-225 Email: gmendelson@bloomberg.com
"../sysdeps/generic/libc-start.c:119: warning: `noreturn' function does return"


=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il