*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
Posted Mar 29, 2011 0:29 UTC (Tue) by airlied (subscriber, #9104)In reply to: *FLAMEBAIT* CentOS - the new Debian! by Cyberax
Parent article: Supporting CentOS
Posted Mar 29, 2011 0:46 UTC (Tue)
by Cyberax (✭ supporter ✭, #52523)
[Link] (13 responses)
The core packages in RHEL are solid. But anything other than core is questionable.
Posted Mar 29, 2011 5:48 UTC (Tue)
by Darkmere (subscriber, #53695)
[Link] (12 responses)
Stable and solid like openssl? Well reviewed and understood packaging changes that get responded to in short time?
Posted Mar 29, 2011 13:03 UTC (Tue)
by ballombe (subscriber, #9523)
[Link]
Posted Mar 29, 2011 13:24 UTC (Tue)
by dskoll (subscriber, #1630)
[Link] (6 responses)
OK, openssl was a huge fiasco. But the big advantage of Debian over CentOS is that the Debian developers are in charge of their own destiny, whereas CentOS (by design) is almost completely driven by decisions made by Red Hat.
Debian had problems in the past (and might have problems again in the future), but it has a long and distinguished track record and (importantly) is not at the mercy of a third-party corporation.
Posted Mar 29, 2011 14:40 UTC (Tue)
by NAR (subscriber, #1313)
[Link] (5 responses)
If somebody wants a RedHat-compatible OS in order to run 3rd party binary-only software, this is not an advantage, but a disadvantage...
Posted Mar 29, 2011 14:49 UTC (Tue)
by dskoll (subscriber, #1630)
[Link] (4 responses)
If somebody wants a RedHat-compatible OS in order to run 3rd party binary-only software, this is not an advantage, but a disadvantage...
If someone is crazy or unlucky enough to have to run 3rd-party binary-only software, that person should shell out for Red Hat Enterprise Linux. I don't believe most proprietary ISVs will give you the time of day if you're not running on an officially-approved platform.
Posted Mar 29, 2011 15:20 UTC (Tue)
by kmccarty (subscriber, #12085)
[Link] (1 responses)
If someone is crazy or unlucky enough to have to run 3rd-party binary-only software, that person should shell out for Red Hat Enterprise Linux. Since based on my experience, it [RHEL] is probably cheaper than the 3rd-party binary-only software anyway...
Posted Mar 29, 2011 16:28 UTC (Tue)
by dmarti (subscriber, #11625)
[Link]
Posted Mar 30, 2011 9:51 UTC (Wed)
by theno23 (guest, #8859)
[Link] (1 responses)
So I don't like like a complete capitalist pig, we also provide a lot of GPLv3 software.
Posted Mar 31, 2011 10:49 UTC (Thu)
by jpnp (guest, #63341)
[Link]
Posted Mar 29, 2011 15:12 UTC (Tue)
by jubal (subscriber, #67202)
[Link] (2 responses)
Posted Mar 29, 2011 15:41 UTC (Tue)
by rahulsundaram (subscriber, #21946)
[Link] (1 responses)
http://www.redhat.com/security/data/openssh-blacklist.html
There is no reason to suggest otherwise.
Posted Mar 29, 2011 23:39 UTC (Tue)
by jubal (subscriber, #67202)
[Link]
Yes, and Red Hat seems to be much more diligent than your usual $big_corpo. (I did not want to make an impression that I'm writing about RH; the way Red Hat gives back to the community, and the quality of code produced there seem to be much above the average).
Posted Mar 29, 2011 18:30 UTC (Tue)
by flewellyn (subscriber, #5047)
[Link]
1) Left a comment in the code saying "We are deliberately using uninitialized memory here!",
or
2) Responded to queries on the mailing list about why that code was there.
Absent any kind of information to signal that this seeming bug was not, in fact, a bug, they did the reasonable thing in "fixing" it. Turned out it was a mistake, but how were they to know?
I know the OpenSSL folks insisted that was the wrong mailing list (why the correct one was not published is beyond me), but regardless, they communicated very badly. Rule number 1 in doing anything arcane in programming is, if you need to use an idiom that is usually bad practice or a source of bugs, COMMENT IT!
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
But the big advantage of Debian over CentOS is that the Debian developers are in charge of their own destiny, whereas CentOS (by design) is almost completely driven by decisions made by Red Hat.
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
Yes, you want to help software vendors develop better habits so you end up with a more constructive industry. Reinforcing problem behaviors of the other vendor while punishing RHT for constructive behavior is not the way to get that.
no good deed goes unpunished?
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
@darkmere the only difference between Debian and $some_big_corpo is that you actually did learn about the issue and you did learn about it from (somewhat embarassed) Debian people themselves.
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
*FLAMEBAIT* CentOS - the new Debian!
As far as Linux distribution vendors are concerned, they disclose when a security problem happens and if there is a errata to be published, they will and not just hide it.
*FLAMEBAIT* CentOS - the new Debian!