Re: non-disclosure of infrastructure problem a management issue?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rui Miguel Silva Seabra wrote:
> The first message...
> https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00008.h
>tml
>
> ... said:
>
> 	We're still assessing the end-user impact of the situation, but as a
> 	precaution, we recommend you not download or update any additional
> 	packages on your Fedora systems.
>
> This spells "*unsafe* to install packages, without saying specifically
> why" to me, what about you? :)

To me it looked like there was a problem with the performance or availability 
of the servers, and they didn't know how much downtime there would be or how 
bad the response times would be, and they wanted us to avoid updating to ease 
the load on the servers until they could fix the problem. That wouldn't make 
it unsafe to install packages although it might be difficult to download 
them.

I can also imagine that such a recommendation would be issued if a bug in the 
build system had caused corrupted packages or incorrect dependencies. In that 
case it could be said that it would be unsafe to install packages, but I 
might still choose to update some after ensuring that I could revert to an 
older version if necessary.

It wasn't until I saw the speculations here in fedora-list that I understood 
that there might be a risk that I would get backdoors installed if I updated. 
It's mostly by chance that I'm currently reading fedora-list. If I were only 
reading fedora-announce-list I might not have understood that there was a 
security risk until yesterday's announcement, and then I would probably have 
chosen to install some important security updates despite the recommendation.

It's simple, really: People won't follow instructions if you don't tell them 
why the instructions are important.

Björn Persson

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux