From: hasufell <hasufell@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Fwd:How about the gentoo server or cluster in production environment?
Date: Wed, 26 Feb 2014 15:02:14 +0000 [thread overview]
Message-ID: <530E01F6.6080708@gentoo.org> (raw)
In-Reply-To: <53085FA0.7020001@gmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Alan McKinnon:
> On 21/02/2014 16:15, hasufell wrote:
>> Alan McKinnon:
>>> On 20/02/2014 22:41, Nicolas Sebrecht wrote:
>>>> On Thu, Feb 20, 2014 at 08:52:07PM +0400, Andrew Savchenko
>>>> wrote:
>>>>
>>>>> And this point is one of the highest security benefits in
>>>>> real world: one have non-standard binaries, not available
>>>>> in the wild. Most exploits will fail on such binaries even
>>>>> if vulnerability is still there.
>>>>
>>>> While excluding few security issues by compiling less code
>>>> is possible, believing that "non-standard binaries" (in the
>>>> sense of "compiled for with local compilation flags") gives
>>>> more security is a dangerous dream.
>>>>
>>
>>
>>> +1
>>
>>> "non-standard binaries" is really just a special form of
>>> security by obscurity.
>>
>> So you are saying compiling a minimal kernel to minimize exposure
>> to subsystem bugs is only obscurity? (I really wonder what Greg
>> would say to this)
>
> No, I'm saying that I pay RedHat large sums of money to look after
> this on my behalf and that money is wasted if I build a custom
> kernel on that machine.
>
> RedHat has a vested interest in doing this right (it's the product
> they sell) and they have more engineering resources to apply to the
> problem than I can ever raise. The odds favour RedHat often getting
> this right and me often getting it wrong, simply because I don't
> have the unit testing facilities required and my employer doesn't
> employ OS builders.
>
> I won't permit Gentoo to be used in production here for precisely
> that reason - I can't provide the test guarantees the business and
> shareholders demand.
>
>
Yes, I agree that RedHat might be a better choice, if you can afford
it (although there are some counter-arguments since they practically
maintain kernel-forks because of heavy backporting, but I am unable to
make a definite opinion on this). But that was not the point of my
claims, so I don't see an argument.
>> The argument that this particular setup may be less tested is a
>> valid one. But less tested also means less commonly known
>> exploits and testing these setups is a win-win for users and
>> upstream.
>>
>> Whether you like it or not... whenever you install software on a
>> server, you become a tester at the same point.
>
> Proper testing carries a onerous burden. I've yet to find a
> enterprise anywhere in the world that does it right outside of
> their core business. Instead, they pay someone else to do it.
>
Yeah, the kernel has _zero_ "proper" testing in the sense of software
engineering. RedHat does not really improve that (e.g. unit tests and
whatnot). Greg said why that's almost impossible, especially because
the internal API changes way too frequently.
Still unable to find a real counter-argument. This was about disabling
codepaths/subsystems, not about RedHat vs Gentoo which is quite an
uneven fight.
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJTDgH2AAoJEFpvPKfnPDWzhZUIAIyT9nUPXYAOigXnb6M+OB4x
/KmYDZ59Fyuz0D0SoMn1pZCNWPrS8UPjAOzUIr4E0DT0uzh0348+1xHDYDv4ph/n
C9+0jqd9yPQ9kw5rX3zefmjC7wVpJFtLQIiOxaIo6wOqtxfjdVNZdVDEVKU/QJ7G
n2fOdAccuTFOHCiB2cV8LlF997GfuzJ9nNdXGev3tA8l46wV9/q3gp1HdbkhyAJV
61QGv8blsPHbXsC8G2fnz/YcNaa0iH6rRcboRHcpMa2Gk1Ui8UrTmiYC/NJO02bN
TSV8mb/VWow5vVyQSYmpCO4xcylQFVwwWOh14IXcl+mC+CQG4rxPTyUcDUhbewo=
=2JhD
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2014-02-26 15:02 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <5297F0C8.3060403@gmail.com>
2014-02-19 23:40 ` [gentoo-user] Fwd: How about the gentoo server or cluster in production environment? Franklin Wang
2014-02-20 0:14 ` Nilesh Govindrajan
2014-02-20 0:36 ` Franklin Wang
2014-02-20 0:53 ` Facundo Curti
2014-02-20 1:06 ` Nilesh Govindrajan
2014-02-20 1:17 ` Franklin Wang
2014-02-20 9:28 ` thegeezer
2014-02-20 12:04 ` Tanstaafl
2014-02-20 12:24 ` Tanstaafl
2014-02-21 1:03 ` Facundo Curti
2014-02-21 1:39 ` Nilesh Govindrajan
2014-02-21 13:49 ` Tanstaafl
2014-02-27 13:09 ` Nick Cameo
2014-02-27 17:53 ` Facundo Curti
2014-03-21 13:37 ` Tom Wijsman
2014-02-20 10:29 ` [gentoo-user] Re: Fwd:How " Nicolas Sebrecht
2014-02-20 16:52 ` Andrew Savchenko
2014-02-20 20:41 ` Nicolas Sebrecht
2014-02-20 20:59 ` Alan McKinnon
2014-02-21 12:39 ` Andrew Savchenko
2014-02-26 11:44 ` Nicolas Sebrecht
2014-02-21 14:15 ` hasufell
2014-02-22 8:28 ` Alan McKinnon
2014-02-26 15:02 ` hasufell [this message]
2014-02-26 10:55 ` Nicolas Sebrecht
2014-02-26 14:05 ` Poison BL.
2014-02-26 15:03 ` hasufell
2014-02-26 15:26 ` Nicolas Sebrecht
2014-02-27 1:05 ` hasufell
2014-02-21 11:16 ` Andrew Savchenko
2014-02-26 10:51 ` Nicolas Sebrecht
2014-02-20 14:35 ` [gentoo-user] Fwd: How " Andrew Savchenko
2014-02-21 7:35 ` Franklin Wang
2014-02-20 18:41 ` Andreas K. Huettel
2014-02-21 7:40 ` Franklin Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=530E01F6.6080708@gentoo.org \
--to=hasufell@gentoo.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox