Hi Jennifer,
RHN is quite a nice tool. Because of it's design, it really is
quite secure. By default, the connection is encrypted and it verifies
the signatures on packages that it downloads. Also, because the
RHN daemon checks in with RHN rather than listening on a port,
there isn't a new service on your box that someone could try to
connect to and exploit.
However, for a security critical hosts (and maybe others), I
would recommend against having your machine automatically apply
updates. My personal preference is to review updates rather than
having them automatically applied to my machines. This also gives
me the chance to test the update first on a non-critical machine.
Just my .02
Steve Bremer
NEBCO, Inc.
