I just cancelled plans to order two more Xserves for Internet-facing
applications, and am ordering two Dell 2950s instead, with plans to
replace
Mac OS X Server with Red Hat Enterprise in any location that faces the
Internet. Apple's track record of not updating their open-source
components
is bad enough, but when they can't be bothered to fix a security
hole TWO
WEEKS after the source code complete with fixes is publicly
available--
well, that's flat unacceptable. I'll still use Xserves for AFP and OD
masters, but Apple's current ostrich attitude is a demonstration
that it's
foolish to trust their products outside the firewall. IMHO, of course.
--
Dave Pooser, ACSA
Manager of Information Services
Alford Media http://www.alfordmedia.com
Dave,
No offense man, but that's a cop-out. Your title says "Apple Certified
Server Administrator". If you can't update to the latest version of
BIND on your box, then those credentials are suspect. Most of these
components can be updated in the system without breaking anything
else. Apple balances fixes with several other factors (amount of
updates, verifiable patches, etc.). Yes, they could be a bit more
responsive in terms of it. Any company can and should be. You should
bring it to their attention, instead of bailing.
