[OpenIndiana-discuss] Anyone using OpenIndiana in production?
Udo Grabowski (IMK)
udo.grabowski at kit.edu
Wed Mar 27 08:26:59 UTC 2013
On 27/03/2013 09:05, "Weiergräber, Oliver H." wrote:
> That's very impressive indeed.
>
> But how do you handle the lack of timely security fixes on this OS?
> I suppose your machines are running on a separate network which is inaccessible from the "outside world" ?
Yep, we are protected by a central firewall and have
additionally put this stuff into a private network.
Anyway, since non-MS OSses are a) seldom an attack
target and b) professionals don't rely on the usual
software bugs to break in (although it makes it easier
for the script kiddies), risks are much lower than
any security software company tries to tell you to
sell their protection kits (if you don't have open
webservers or similar stuff, of course). So timely
software update races with multiple dependent updates
are not our business, we much more rely on stability,
especially API stability and version interoperability
(e.g., for the underlying shared libraries, etc.)
More information about the OpenIndiana-discuss
mailing list