On Wed, Oct 04, 2006 at 11:37:14AM +0200, Fokke Dijkstra wrote:
> Actually, this did not happen (and should not have happened either) with
> Redhat, Scientific Linux and CentOS. The problem only appeared in
> Scientific Linux *CERN*, and should not have happened there either. If
> you want to supply a Redhat Enterprise Linux compatible distribution,
> you should adhere to Redhats policy of not doing any major version
> changes within a given version of the OS. It seems SLC does not do
> this, and the consequences have been seen yesterday.
You also depend on CERN now for any security fixes with that version
of openssh, if the RHEL version gets an update next week what are you
going to do? How can you tell if the CERN version is vulnerable or not?
> This brings up the question if SLC is the best OS for running most of
> the EGEE infrastructure on.
Well it's not like glite is playing nice with RHEL binary compatibility
either. Looking at http://glitesoft.cern.ch/EGEE/gLite/APT/R3.0/rhel30/RPMS.externals/
there are many rpms (some of the rpms aren't even needed) that upgrade system
components.
Kostas
Kostas
Kostas
Kostas
Kostas
Kostas
Kostas
Kostas
Kostas
|