On Tue, 17 Apr 2018, Zbigniew Jędrzejewski-Szmek wrote:
> Services which are subject the guidelines allow to be enabled by
> default should be such that starting them briefly should not cause
> any permanent effects.
Some 'real world' data, from a unit that was deployed this
morning at
2018-04-17 10:30:17
VM Created herr...@owlriver.com
New VM ordered
This email sent at 1623
Last failed login: Tue Apr 17 16:22:11 EDT 2018 from
61.177.172.63 on ssh:notty
There were 1354 failed login attempts since the last successful login.
[root@pl085086017 ~]#
so about 6 hours and 1354 probes -- 200 an hour on average
That 'window' of open-ness to probers, except for the fact
that we blow in 'keyed access only' late in the install
process by automation, would not constitute:
starting them briefly should not cause any permanent effects
I think it proposes to needlessly exposes a unit in an
un-patched state, to being taken over
-- Russ herrold
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
