Tim Scanlon wrote:
I don't think evaporating non-contract security patch releases is especially best practice. Note I'm only making reference to security patches. Other types of patches are really a completely separate issue than this in some respects.
IMHO the problem is that Sun never really succeeded in supplying only security patches -- instead these always ended up including enough recommended patches (KJP, libc, etc.) so that too many casual users didn't end up paying anything. It's one thing when Windows or MacOS does this based on charging a few hundred dollars up front, and back in the early days of Solaris x86, Sun also charged up front.
But no upfront cost and no support revenue does not make for a good business.
And it's probably not easy to separate out only security patches, because there's one main S10 patch gate.
Personally, I would be happy(ish) paying $100-200 and then having security patches for the life of the OS ("always buy rather than rent"). But there is probably not enough revenue for Oracle for this compared to getting commercial users to sign up for full support contracts (and compared to the larger Windows/Mac install count).
It's a fairly simple argument to make that this is a vendor responsibility issue, rather than one of user rights.
Oracle's statement seems to be "in that case, don't use Solaris 10 after 90 days because you won't have security patches (or a license)". They probably want casual users to use OpenSolaris instead.
As such, and considering the mailing list this thread is on, it would maybe be better to concentrate on how to secure OpenSolaris (without upgrading to every biweekly build) or contact your Oracle rep to request a low-cost-but-not-free patch option for non-commercial users.
Hugh. _______________________________________________ opensolaris-discuss mailing list [email protected]
