[ale] Would you get Redhat Tomcat from Redhat or Apache?

Lightner, Jeff JLightner at water.com
Mon Aug 12 16:06:39 EDT 2013


A couple of things:

You can install Oracle JDK separately from the RHEL repository-provided versions. They go into separate directory structures. You can still add the former to your /etc/alternatives setup and choose which one is the default, but that doesn't prevent anyone from using any other JDK from where it actually lives.

As to compliance stuff: most scanning software just tests for your version (base version from upstream) rather than whether or not you are actually affected by whatever security issue later upstream versions resolve.

Since the RHEL version starts with the upstream version, then adds RHEL versioning after that, this could easily be avoided if the makers of such software would actually keep up with the fact that the largest commercially used Linux distro has such extended versioning.

The best way to handle this is to simply NOT allow software to report its version at all when asked by scanning software. Lame security scanning software that doesn't know the difference between upstream and RHEL downstream also will blithely report everything OK if it can NOT determine the version in the first place. It is a lot easier to do that than to have to write a dissertation on why the version you're running actually IS fixed and addresses whatever security issue the scanning software didn't actually test anyway.





-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Tim Watts
Sent: Monday, August 12, 2013 3:24 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] Would you get Redhat Tomcat from Redhat or Apache?






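The mismatch described in the message above, as an added example that is not part of the original post: a check that compares only the upstream base version flags the package, while the vendor changelog shows the fix was backported. The package versions, changelog text and CVE id (a placeholder) are constructed, and `assess` and its helpers are hypothetical names.

```sh
#!/bin/sh
# Added example: base-version check vs. RHEL-style backported fix.
# All package data is constructed; CVE-0000-0000 is a placeholder id.

# True (exit 0) if version $1 is strictly older than version $2.
# Relies on `sort -V` (version sort) from GNU coreutils.
ver_lt() {
  [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# True if the changelog text on stdin names the CVE id given in $1.
changelog_has_cve() {
  grep -qwF -- "$1"
}

# assess VERSION FIXED_UPSTREAM CVE CHANGELOG_TEXT
# Prints one verdict:
#   fixed-upstream  base version is at or past the upstream fix
#   backported      base version looks old, but the changelog names the CVE
#   needs-review    base version looks old and no changelog entry was found
assess() {
  a_version=$1 a_fixed=$2 a_cve=$3 a_changelog=$4
  if ! ver_lt "$a_version" "$a_fixed"; then
    echo fixed-upstream
  elif printf '%s\n' "$a_changelog" | changelog_has_cve "$a_cve"; then
    echo backported
  else
    echo needs-review
  fi
}

# Constructed sample shaped like `rpm -q --changelog <package>` output.
SAMPLE_CHANGELOG='* Tue Jan 01 2013 Example Packager <packager@example.com> 0:6.0.24-57
- Resolves: CVE-0000-0000 example backported fix
* Mon Dec 03 2012 Example Packager <packager@example.com> 0:6.0.24-55
- Resolves: rhbz#000000 unrelated bug fix'

# On a live RHEL host the inputs would come from:
#   rpm -q --qf '%{VERSION}\n' <package>
#   rpm -q --changelog <package>
# Constructed case: base version 6.0.24, upstream fix assumed in 6.0.37.
assess 6.0.24 6.0.37 CVE-0000-0000 "$SAMPLE_CHANGELOG"
```

A `needs-review` verdict only means the changelog does not name the id; the vendor's advisory for the package remains the authoritative record.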