lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: smcmahon at eiv.com (Shawn McMahon)
Subject: Fw: Red Hat Linux end-of-life update and transition
 planning

Michael Gale wrote:
> 
> So you are saying you trust up2date to take care of all your machine
> updates ? That is like saying you trust Microsoft auto update to
> handle your servers. What happens when they release a bad patch ? or
> one that hoses your machine.

No, he's saying he trusts autorpm to allow HIM to take care of all his
machine updates.  Or did you not read the second half of any of the
sentences to which you were replying?  It seems so, from your replies.

BTW, follow RFC 1855 and wrap your damn lines.

> How about we now start with NIS logins from a central server :) we
> could do home directories mounting over NFS via a NIS account
> authentication. We can use PAM too -- you must realize that anything
> you can do on Red Hat ANY OTHER linux distribution can do as well.

LOL.  He asks about best-practice user administration security, and you
propose NIS?  Might as well go ahead and turn off shadow passwords,
then, while you're at it, since you've negated their security gains.

> I have worked in BIG SHOPS thank you very much and you know what. BIG
> SHOPS - don't use Red Hat.

That's nice.  I work in the Fortune 500 world.  Vastly HUGE shops do use
Red Hat.

> Oh -- did I mention that slackware is the most Unix like distro
> available. There is a reason that hotmail is running on FreeBSD and
> NOT Red Hat

Yes, and there's a reason they aren't running Slackware, either.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 252 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031104/4d42e0a0/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ