[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Getting Off the Patch
- To: Christian Sciberras <uuf6429@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Getting Off the Patch
- From: Pete Herzog <lists@xxxxxxxxxx>
- Date: Fri, 14 Jan 2011 19:24:27 +0100
On 1/14/2011 4:44 PM, Christian Sciberras wrote:
> tested reliable in as much little time. According to the reliability of
> the patch, one would also assume that worst case scenarios involve
> *just* rolling back changes, again, not really loosing anything at all.
The problem with just rolling back is that if you rely on patches for
security then that's rolled back too. So you do lose that. The other
issue is enterprises that leave auto-updating on for all hosts and
then don't have a reliable means to roll-back and certainly not for
all the systems updated.
-pete.
--
Pete Herzog - Managing Director - pete@xxxxxxxxxx
ISECOM - Institute for Security and Open Methodologies
www.isecom.org - www.osstmm.org
www.hackerhighschool.org - www.badpeopleproject.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/