Koozali.org: home of the SME Server

Security Update blades

Brock Frazier

Security Update blades
« on: November 22, 2002, 01:26:30 AM »
I noticed a gross oversight on my part, I hadn't updated my server for SSH, though I thought I had about 2 months ago. Here's why.

1. I'm a newer e-smith user (about 7 months now)
2. The last security update (5.1.2 u2) was in the blades list, and so when I saw there was a new one, I went back to the blades and didn't see one unapplied and (foolishly) thought I was up to date. There wasn't an Update 3 in the list, I know, I know...
3. As a bad user, I didn't verify that the latest blade was the latest update needed. Again, my fault.

My point: Security blades should either be maintained or not. Having them, then not, makes a foolhardy new user (like myself) think they'll always be there, and if they aren't everything must be up to date. Of course, in the end I'm the one accountable for my system and I checked for updates this week and verified what wasn't there, then got the RPMs and updated my system without a problem. The instructions were very nice.

On the bright side, I didn't see any signs of slapper running on my system under /tmp so all appears unharmed.

Please take this as a friendly suggestion. I appreciate the hard work that has gone into the e-smith system. The blades are a great idea, but for security, IMHO they should always be promptly offered or never offered. If you look through the message boards, I'm not the only person to have done this, counting on a Blade that never appeared.

The security blade sure was nice; if Dad had e-smith at home, I'd be able to just tell him over the phone how to upgrade without the need to have the administration areas globally accessible. With the RPMs, I'd have to ssh in and do it myself within minutes. Not a biggie, but the blades sure are nice.

Thanks for such a nice distro. Specialized for purpose, and designed to require few security updates (I'm guessing this is part of the logic in not using Sendmail).

-Brock

Bill Talcott

Re: Security Update blades
« Reply #1 on: November 25, 2002, 06:30:39 PM »
I agree. Inconsistency is probably the biggest problem I've run into with the SME stuff. Having the Blades available is obviously the nicest option, especially for the non-technical group that SME is aimed at. But knowing that they flat-out won't be updated and that I need to keep track myself, is better than not knowing whether or not the listed updates are actually up to date...

Bill Talcott

New(?) stance on updates
« Reply #2 on: December 03, 2002, 07:48:35 PM »
Apparently they've decided. I hadn't noticed this before, but it may have been there already.

http://www.e-smith.org/faq.php3#8q1
"SME Server updates are made available as Software Blades to ServiceLink-enabled servers."

I guess we should now plan on having to install RPMs for the updates, and should consider any made available via Blades as a perk.