Chris, On Wednesday March 05, 2003 11:09, Chris Chabot wrote: > .. "Reads the huge warning before you install a beta" .. > > Hmmm, don't run on a production machine or anything else you would want > or expect to 'work'.. I gues from that perspective it would be > incredibly stupid if everyone would go out and install phoebe on these > internet connected mail servers... Mind you, sendmail is configured by > default to only accept connections from localhost, so a default install > can not be compromised. So you would have to install a beta, on a > internet (production) server, and then enable sendmail for the outside > worlds, and _then_ you are vunerable I'm not asking that a beta "work", production or otherwise. But the entire _point_ of a beta is to test in "real world" conditions. Otherwise they may as well, just release it and be done. For example, many people use CD-RWs for back-ups in production servers. Should no one have even tried to write a CD because it could lose data or not work? They should not _rely_ on those as valid back-ups, but should they just not bother testing them? There are a number of people (judging by the bugzilla postings) having difficulty with CD recording in the Phoebe beta. If it had been released with that percentage of people unable to do a common task, how would that reflect on the release? Same goes for sendmail. If it is never activated as an incoming SMTP MTA, how will anyone know if it even works? Should we just assume it will? Phoebe != Psyche, so everything should be tested in a "production way" in a "production environment", just not for "production purposes". That has at least been my experience with "beta" software for the last dozen years. Since sendmail is installed by default and mail services are one of the most common uses for Linux boxen (along with web serving) and many other programs rely on sendmail (or other MTA) it would seem counter-productive to say "don't actually use it in a real way" for a beta test. Should I also assume that I should never let apache get tested by more than 3 people? Or would it perhaps be helpful to see if the new kernel threads cause apache to fail under load? (apachebench is nowhere near real world testing) > Sorry, but if that is 'responsible for bringing the internet to its > knees', then we seriously need to re-educate the sysadmins of the world Hmmm, a remote root exploit with example code in the wild that produces a remote shell to the user. Nah, that couldn't cause any problems? http://news.com.com/2100-1002-991041.html?tag=cd_mh > And hey, if in the remote chance you have a valid reason for putting a > beta os online, why don't you just download the rh8 sendmail updates and > install those? (rpm -Uvh --oldpackage sendmail-*.i386.rpm). If thats > beyond the capacity of the sysadmin, the box shouldnt be online in the > first place ;-) So if I build my own, am I still a beta tester? Does it still help RH find out if their stuff works? Maybe I should recompile everything or install some Mandrake rpms and then complain that stuff is broken in the beta. It perhaps wouldn't matter quite as much if anything got put in rawhide nowadays, but that seems to be dead as well. At least then it could be assumed it was built on something similar to Phoebe. -- Brian Ashe CTO Dee-Web Software Services, LLC. rhlist@dee-web.com http://www.dee-web.com/ -- Phoebe-list mailing list Phoebe-list@redhat.com https://listman.redhat.com/mailman/listinfo/phoebe-list
[Home] [Kernel List] [Red Hat Install] [Red Hat Watch List] [DVD Store] [Red Hat Development] [Gimp] [Yosemite News]