[kwlug-disc] Saltstackgeddon

Mikalai Birukou mb at 3nsoft.com
Wed May 6 16:35:58 EDT 2020


>
>>> What is almost most frustrating is that Ubuntu and Debian packages are
>>> affected but there have been no official patches released.
>> I just saw the Debian fix roll in today on the security mailing list.
>> Ubuntu is probably not far behind.
> That is good news, but that horse is out of the barn. ...
> But I can feel grumpy that there is a big problem in the systems I am
> depending on for security, and if I say that out loud the answer will
> be "patch it yourself" or "I guess you shouldn't depend upon those
> security systems, then".

We depend on laws of physics, they hadn't change.

We depend on Sun rising, and as sure as that, level of bugs is 
predictably non-magical.

Our clients depend on us washing our admin hands. Concept of limited 
liability applies to general public as well. It is just not as heavily 
advertised :) . No one can expect you to answer for security of silicon 
and ram chip in servers and handheld gadgets. C'mon.





More information about the kwlug-disc mailing list