[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-developers] OS-discussion
- Subject: Re: [cobalt-developers] OS-discussion
- From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
- Date: Mon Mar 25 03:22:03 2002
- Organization: nobaloney.net
- List-id: Discussion Forum for developers on Sun Cobalt Networks products <cobalt-developers.list.cobalt.com>
Jörg Jan Münter wrote:
> Sory, but i am relly tired of these discussions and i don't understand what's
> this all about.
Mostly it's about people's frustration with unfixed security issues on
Sun Cobalt's RaQs, and with unupdated software when more recent versions
are available.
> Cobalt does use Linux, and it works fine, as long as you
> don't try any extreme hacks on that machine.
I'm glad it works for you. RaQs, out of the box today, are very
insecure. Nothing to do with hacks. (BTW, it works fine for me too,
after we add a lot of security to it.)
> I maintain several RaQs, and
> they just work without any trouble.
Sun Cobalt has a history of releasing packages that either don't work,
or break security, or break functionality. It's a sad but true fact
that's well documented in past posts to this and other Cobalt lists.
> Sure, other systems may be more secure, but those people who don't use for
> example external firewalls should think about their philosophy of security
> first before discussion security features of OSes. Our machines all work
> behind sophisticated firewalls and we don't grant shell access to any
> customer, so we simply don't have those security problems.
Most of us have our systems in colocation and don't have the luxury of a
firewall to be behind. Please let us know a bit about your
"sophisticated firewall", as I'd love to build one for our colocation
customers to be able to use.
> And if anybody prefers Solaris why don't you fetch free Solaris 8 from web
> and install it on a cheap Intel-platform?
Sun is no longer supporting Solaris 8 for Intel.
> I don't like Solaris, i prefer AIX,
> but i don't think those discussions should be discussed here.
This is exactly the place to discuss alternate operating systems for
Cobalt RaQs.
> If someone doesn't like Cobalt with Linux, why don't you buy something else?
> If someone prefers BSD, go ahead and set up a machine with BSD, maintain your
> system by hand, go and find the latest security-updates etc. and install them
> from scratch, fix the problems between all the programs on that machine and
> so on, if you like to waste time on that.
Most of us, including me, wouldn't consider that a waste of time, but
rather time well spent.
> We made the experience that these arte low-price systems that work well
> enough for standard web-services. And if you install another MTA but sendmail
> even mailing works fast and stable.
Glad to see there's something about the RaQ you don't like <smile>.
Which MTA do you install successfully on RaQs? Do you do it alongside
sendmail, or do you remove sendmail?
> Security is mainly a matter of the way
> you grant access to your machine and the way you use your system or implement
> software, not only of the OS itself.
Of course. But it certainly starts with the OS.
Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
Linux and Cobalt/Sun/RaQ Consulting
nobaloney.net
P. O. Box 52672, Riverside, CA 92517
voice: (909) 778-9980 * fax: (702) 548-9484