Re: Red Hat Network updates
On Thu, Feb 27, 2003 at 12:33:35PM -0500, Jennifer Fountain wrote:
> Hi All:
My comments on how "secure" it is are based on my experiences in setting
up a "current" server. This is an implementation of a server for the up2date
tools. (http://current.tigris.org)

There are a number of factors which Red Hat is using to keep the facility
secure:

- The service is supplied over an https connection and an SSL
  key is locally stored on your machine to verify the connection.
- up2date will NOT proceed if it gets an RPM that is not signed
  by an appropriate key (Red Hat's by default).
- up2date is careful to not update certain rpms automatically.
  Kernel updates are not automatic, nor will it update rpms that
  have had configuration changes made to them. This behaviour is,
  of course, configurable.
- If you're REALLY concerned, you can run up2date manually and choose
  which updates you want at any given time!!

There may be other security factors I'm not aware of, but these are the
main points I would be concerned about.
--
Steven Leikeim |
University of Calgary | There are lies, damned lies,
Department of Electrical Engineering | and statistics.
Received on Fri Feb 28 14:28:09 2003
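
The safeguards listed in the message above correspond to settings in the up2date client's configuration file. The script below is an added example, not part of the original message or of up2date itself, that audits such a file for them. The option names (serverURL, sslCACert, useGPG, pkgSkipList, noReplaceConfig) and the key=value layout are assumed from the client's /etc/sysconfig/rhn/up2date and do not appear in the message; the sample contents are constructed.

```python
import fnmatch

# Constructed sample in the key=value layout of /etc/sysconfig/rhn/up2date.
# The host name is a placeholder, not a real update server.
SAMPLE = """\
serverURL[comment]=Remote server URL
serverURL=https://rhn.example.com/XMLRPC
sslCACert=/usr/share/rhn/RHNS-CA-CERT
useGPG[comment]=Use GPG to verify package integrity
useGPG=1
pkgSkipList=kernel*;
noReplaceConfig=1
"""

def parse(text):
    """Return {key: value}, skipping blanks, # comments and key[comment]= lines."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if "[" in key:  # descriptive key[comment]= entry, not a setting
            continue
        cfg[key.strip()] = value.strip()
    return cfg

def audit(text):
    """Return a list of findings; an empty list means every safeguard is on."""
    cfg = parse(text)
    findings = []
    if not cfg.get("serverURL", "").lower().startswith("https://"):
        findings.append("serverURL is not https")
    if not cfg.get("sslCACert"):
        findings.append("no sslCACert set to verify the server")
    if cfg.get("useGPG") != "1":
        findings.append("useGPG is off: unsigned RPMs would be accepted")
    # pkgSkipList is a ';'-separated list of glob patterns.
    skips = [p for p in cfg.get("pkgSkipList", "").split(";") if p]
    if not any(fnmatch.fnmatch("kernel", p) for p in skips):
        findings.append("kernel packages are not in pkgSkipList")
    if cfg.get("noReplaceConfig") != "1":
        findings.append("noReplaceConfig is off: rpms with changed config may be updated")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE) or ["all safeguards enabled"]:
        print(finding)
```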