| 1 |
> -----Original Message----- |
| 2 |
> From: Ryan Tandy [mailto:tarpman@×××××.com] |
| 3 |
> Sent: Wednesday, May 31, 2006 2:11 PM |
| 4 |
> To: gentoo-user@l.g.o |
| 5 |
> Subject: Re: [gentoo-user] Reconstructing a Gentoo Installer Computer |
| 6 |
> |
| 7 |
> Timothy A. Holmes wrote: |
| 8 |
> > At this point then, I am going to actually build a second box for |
| 9 |
snort |
| 10 |
> > perhaps using the hardened sources (I am not in the least |
| 11 |
comfortable |
| 12 |
> > with running hardened on a production box). |
| 13 |
> |
| 14 |
> Wrong. The correct sentiment should be "I am not in the least |
| 15 |
> comfortable with running NON-hardened on a production box". :) |
| 16 |
> |
| 17 |
> ESPECIALLY for network-accessible devices. |
| 18 |
> -- |
| 19 |
> gentoo-user@g.o mailing list |
| 20 |
|
| 21 |
[Timothy A. Holmes] |
| 22 |
|
| 23 |
Randy: |
| 24 |
|
| 25 |
That may be, however, I have seen far to many complaints about |
| 26 |
instability in the hardened systems to be comfortable using them in a |
| 27 |
production environment. Another user here in my area is working to |
| 28 |
change my mind, but at this point, unless something changes |
| 29 |
dramatically, hardened in my mind is a specialty subset for very |
| 30 |
isolated applications that are very very crash tolerant. The problem in |
| 31 |
my mind is that if the system is so unstable that it will not properly |
| 32 |
function with a major component like X, I am worried that it may prove |
| 33 |
unstable with other applications as well. It seems quite often that I |
| 34 |
see messages going past someone has had a problem with hardened and more |
| 35 |
often then not, these are fairly critical problems -- while it may be |
| 36 |
that hardened sources are fine, I have high doubts about them, and |
| 37 |
specifically their stability. I realize that this topic has the |
| 38 |
potential to very quickly become a flame fest, and I have no desire for |
| 39 |
this to happen, but at the same time, I cant risk a critical system on |
| 40 |
unstable sources either. I am open to the possibility of using them, |
| 41 |
BUT, for now it will be in parallel with sources that I KNOW work |
| 42 |
correctly. I cant risk our network to be part of an experiment. |
| 43 |
|
| 44 |
|
| 45 |
Timothy A. Holmes |
| 46 |
IT Manager / Network Admin / Web Master / Computer Teacher |
| 47 |
|
| 48 |
Medina Christian Academy |
| 49 |
A Higher Standard... |
| 50 |
|
| 51 |
Jeremiah 33:3 |
| 52 |
Jeremiah 29:11 |
| 53 |
Esther 4:14 |
| 54 |
|
| 55 |
|
| 56 |
-- |
| 57 |
gentoo-user@g.o mailing list |
Archives