Subject: | |
From: | |
Reply To: | Robert E. Blair |
Date: | Thu, 2 Mar 2006 15:44:37 -0600 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
You might suggest to them that if "branding" is their sole criterion for
security they might want to do a little reading on the latest SONY
fiasco. Explain to them:
1. SL is built from exactly the same sources as RHEL
1. the only exceptions being where trademarks or other legal
restrictions make this impossible
2. the installation procedure differs mainly due to the above
2. you should explain that CERN, Fermilab, Argonne, Brookhaven ...
large national labs use this OS and they really do care about
security. Hell, they not only use it they distribute it!
3. Finally if you can't convince them don't reinstall just review the
tiny number of rpm's identified with "SL" in the name and replace
them with their "EL" version and change to using the up2date
mechanism from yum for keeping things current.
1. the beauty of common source roots is that almost nothing
changes from one distribution to another - this has worked
fine for me in migrating from WhiteBox to SL and is all of a
5 minute process (the only potential gotcha here is how to
initialize up2date since this is an area where primitive DRM
comes into play and makes life potentially difficult)
Harish Narayanan wrote:
>This might seem like an odd question, but I'd like to hear your opinions
>on the following if you've experienced something similar.
>
>I'm a graduate student at a research university, and I also serve as the
>de facto system admin of my lab because I'm the geekiest of the bunch
>when it comes to to this sort of thing. Over a year ago, I moved most of
>our heterogeneous collection of systems (running older RedHat and Fedora
>Core releases) over to a common SL release, because it was easier on me
>to administer them this way; plus code compiled on one machine could be
>thrown into another and "just work", with no niggling issues.
>
>All was (very) well. So far.
>
>Recently, the computer support people at the department have been
>drafting a security policy for what OSs they allow running on
>departmental computers, and long story short, they list the upstream
>vendor's product[1]---and not SL---as an allowed Linux based OS. I tried
>explaining to them the binary and source equivalence of SL and this
>product, but they are not familiar with GNU/Linux, and I haven't gotten
>very far.
>
>They are offering to obtain licenses from the upstream vendor (at very
>reasonable academic prices) for all the machines, but this isn't about
>the money. I am not keen on taking working, fine-tuned machines and
>wiping them out to install what is essentially identical software all
>over again.
>
>I was hoping if someone around had experienced anything like this and
>had advice on how I could better make my case.
>
>Harish
>
>
>[1] The reason, I assume, is that the upstream vendor's product is a
>recognised brand.
>
>
|
|
|