Re: Keeping Solaris up-to-date

From: Corey Lindsly (coreyat_private)
Date: Thu Jan 14 1999 - 21:52:13 PST

Next message: Jan B. Koum: "Re: Secuity hole with perl (suidperl) and nosuid mounts on Linux"

Previous message: spoon: "sun "encryption" lameness"
Maybe in reply to: John RIddoch: "Keeping Solaris up-to-date"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Is it really a good idea to run a script as root via cron from an
> NFS-mounted directory?  What if someone breaks root on one machine,
> does a quick 'su' and replaces your NFS-mounted script?  Seems
> they would own all 50 machines by morning.

not only that, but some Solaris patches have been known
to break systems and render them strange or unbootable
(shocking, i know). the sensible approach, instead of
automatically and blindly installing patches, might be
to test each patch on one machine before applying it
to the other 49 machines, lest you end up with 50
broken machines in the morning.

perhaps some sysadmin functions are best left semi-automated.

---corey

Next message: Jan B. Koum: "Re: Secuity hole with perl (suidperl) and nosuid mounts on Linux"
Previous message: spoon: "sun "encryption" lameness"
Maybe in reply to: John RIddoch: "Keeping Solaris up-to-date"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:28:51 PDT