[kwlug-disc] Saltstackgeddon
Mikalai Birukou
mb at 3nsoft.com
Wed May 6 16:35:58 EDT 2020
>
>>> What is almost most frustrating is that Ubuntu and Debian packages are
>>> affected but there have been no official patches released.
>> I just saw the Debian fix roll in today on the security mailing list.
>> Ubuntu is probably not far behind.
> That is good news, but that horse is out of the barn. ...
> But I can feel grumpy that there is a big problem in the systems I am
> depending on for security, and if I say that out loud the answer will
> be "patch it yourself" or "I guess you shouldn't depend upon those
> security systems, then".
We depend on laws of physics, they hadn't change.
We depend on Sun rising, and as sure as that, level of bugs is
predictably non-magical.
Our clients depend on us washing our admin hands. Concept of limited
liability applies to general public as well. It is just not as heavily
advertised :) . No one can expect you to answer for security of silicon
and ram chip in servers and handheld gadgets. C'mon.
More information about the kwlug-disc
mailing list