On Thu, Apr 24, 2003 at 03:33:46PM +0200, fyrbrds@netscape.net wrote:
Dave.Smith@st.com wrote:
On Thu, Apr 24, 2003 at 01:50:11PM +0200, fyrbrds@netscape.net wrote:
Not really. You can use cron now to rsync/ftp your updates <snip> Also, do we want to admit that MS can offer this service for XP using WINDOZE servers, but linux is too insecure to do it?
Because, of course, M$ has such a good reputation for only putting in features which are secure?
irrelevant.
I don't think so. You seemed to be implying that since the feature is on Windows, it's obviously secure, and that by choosing not to put it on Linux, we think that Linux isn't; MS doesn't exactly have a spotless record on security...
Perhaps Linux doesn't want a feature because the concept is bad.
linux isn't a person.
Fine. s!Linux!people who develop GNU/Linux! if you want to be pedantic.
again, if this will cause less holes for script kiddies to take advantage of, then maybe DoS attacks won't be as effective.
However, it puts even more "eggs" in the SuSE server "basket".
Yes, you can do an rsync/ftp-install now. However, this is done on a case-by-case basis, and isn't done that often.
That's because most people (99%) don't know how to set that up.
Correct, which is why it is not such a tempting target for cracking. (no eggs pun intended... :-) A system which has the potential to infect tens, even hundreds of thousands of machines in a short period of time is a much bigger prize than one which might infect a few hundred over the next week...
What worries me is the fact that:
a. It is completely automated, with no user involvement. As a result, I suspect that a large proportion of the people who use it will be of the "configure-and-forget" type - they'll just set it up, and not bother to check it again.
That's still better than letting them NOT configure and STILL forgetting which is what's happening now.
Maybe. But it introduces the extra possibility of having a trojaned binary installed on a system which didn't actually have any known exploits. I'd rather install updates myself when I know they are required, rather than have the system install it itself. Of course, you also have the potential for breaking a working system. SuSE are pretty good at producing working stuff, but nobody's perfect, and occasionally packages will come out which break something. Having things stop working for no apparent reason would be particularly frustrating...
b. The frequency of checking and updating of machines will increase. Therefore, if any crack is found, it will spread fast.
That's why suse signs there packages. It's up to you to use known good servers. What's to say you aren't downloading a tainted package now as you sit there and click through your updates?
Maybe I am. However, since the manual update rate will be slower, the spread will be slower, and less machines would be infected before the crack is discovered.
The reason for concern is simple. If you have a "install-and-forget" automatic update system, and it gets cracked, the modified packages will spread much quicker than they would under a manually-invoked update system. Also, they would spread quickly to systems which might not be checked manually for a long time. The crack would probably be discovered quite quickly, but by this time it would be too late.
Nah. It wouldn't be the end of the world. Besides, I have a little more faith in SuSE security than that. [rearranged quote] Again Dave, you DO make some good points but I really think your concerns are manageable. If I didn't think SuSE had a good enough grasp of all this to make it work I'd be using Red Hat. (and probably having the same discussion there hmm?)
I'm not saying that I don't trust SuSE. I'm just saying that having a system like automatic update which increases the "prize" of cracking that single point of failure introduces security issues. A number of Linux firewall distribution dev teams have decided not to implement an auto-installing update system on these grounds, so it's not just me that is concerned about it.
I'm not sure whether this is a problem with 8.1, but I've never successfully managed an online update. The connection has always timed out.
Yea, but it SHOULD work. If not, your config is wrong. You are probably blocking "ftp-data" on your firewall (high ports).
Possibly, or it might be due to the fact that I'm trying to connect over a 28.8k modem. Occasionally (1 time out of 10), I manage to get to the list of mirrors, but never get any further. If bandwidth and latency really are the issue (as I suspect), it's not exactly going to be helped by thousands of extra machines attempting to auto-update, and I doubt that SuSE want to spend lots more money on extra bandwidth. I guess we'll have to agree to disagree. -- David Smith Work Email: Dave.Smith@st.com STMicroelectronics Home Email: David.Smith@ds-electronics.co.uk Bristol, England GPG Key: 0xF13192F2