PCI compliance is a lot more than just the code. Red Hat goes through multiple processes with these governing bodies to certify RHEL. That doesn't pass down to downstream distributions. On Apr 8, 2014 11:32 PM, "ToddAndMargo" <[email protected]> wrote:
> On 04/08/2014 08:25 PM, Paul Robert Marino wrote: > >> Well frankly if you need PCI-DSS compliance pay for RHEL. Its honestly >> not that expensive for the few systems that really require it. Only the >> system's that handle credit cards supposedly require it and in most >> ecommerce companies that's probably 2 to 4 system's so what's the >> problem wit paying $750 a year each for those few systems to not have to >> deal with the problems and giving the stock investors a warm and fuzzy >> feeling. Your time spent on it costs them more money and ti reduces all >> the stress on every one if you buy compliance on the cheap. >> > > Hi Paul, > > Is SL not PCI compliant because it is not a commercial > effort? I thought SL got all the patches the RHEL > got? Please elucidate. > > Oh, and it is a sole proprietor and CHEAP doesn't > begin to describe him. (Nice guy though.) > > Many thanks, > -T > > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Computers are like air conditioners. > They malfunction when you open windows > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >
