[geeks] Solaris resiliency to crashing w/full root partition?
Charles Shannon Hendrix
shannon at widomaker.com
Sat Oct 1 23:30:58 CDT 2005
Sat, 01 Oct 2005 @ 15:51 -0400, Nadine said:
> On 9/28/05, D.A. Muran-de Assereto <dmuran at tuad.org> wrote:
> > Not to be obnoxious, but it's probably not the auditor's fault. US
> Government
> > regs pretty much require this, and the auditor's personal opinion is
> largely
> > irrelevant.
>
> They are working from 3+ year old "best practices". I ran the
> audit script myself--it's a shell script *I* could write (as I've noted
> before my programming skills are far from top-of-the-line).
An audit program I had to run years ago tagged any processing of a
two-digit year field. Supposedly this was Y2K bug protection. However,
some code that it pointed out was only doing it for output formatting.
We had to remove the offending code, even though it was purely cosmetic:
all dates were processed without length issues (aka Y2K bugs).
It would have been only an irritating annoyance, except for one thing:
the two digit year output was a non-optional requirement for the program
to pass the audit.
> They check for nothing later than Solaris 7, and apparently the
> only Unices in the universe are Solaris, IRIX, AIX, and HP-UX.
> We'd be perfectly happy to comply with, say, current CIS best
> practices that take into account that you aren't putting a bare
> server onto the internet.
What do they do if you run it on a system and the script fails to run?
This reminds me of the idiot I used to work for that wanted us to run
Norton Antivirus on all Perl code we shipped out.
--
shannon "AT" widomaker.com -- ["Consulting wouldn't be what it is today
without Microsoft Windows" -- Chris Pinkham]
More information about the geeks
mailing list