| |||
| |||
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Mark Nelson wrote:
Fine Apple, give us a checkbox for non-paranoid admins. I would expect it to shut off if it contacted a site that wasn't Apple's servers. Not shut off if it simply can't contact anyone. By hijacking I'm assuming that Apple is guarding against our software update servers downloading files from a non-Apple site. There's no other "hijacking" possible on our local network. What do they think someone will hijack our local SUS with bad updates? Well in that case, what is to stop someone from simply jumping the routine update check or simply coding their own SUS. And....if someone successfully hijacks Apple's servers(probably not possible if our mirrors download via SSL), our SUS would download the updates happily and keep running as it contacted "Apple's site". A simple failure to connect to Apple shouldn't shut off the service. The updates themselves if signed by Apple would safeguard against altered packages. The software update service as I mentioned could simply be hacked not to check Apple's site ever. Hijacking is not the correct answer. Lack of foresight seems more likely. Rasul --
Rasul C. Shishehbor Server Systems Administrator Concordia College Moorhead, MN (218)299-4738 |
_______________________________________________ Do not post admin requests to the list. They will be ignored. Macos-x-server mailing list (email@hidden) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/macos-x-server/email@hidden This email sent to email@hidden
| References: | |
| >Software Update Server Shutdown (From: Jason Buckner <email@hidden>) | |
| >Re: Software Update Server Shutdown (From: Rasul Shishehbor <email@hidden>) |
| Home | Archives | FAQ | Terms/Conditions | Contact | RSS | Lists | About |
Visit the Apple Store online or at retail locations.
1-800-MY-APPLE
Contact Apple | Terms of Use | Privacy Policy
Copyright © 2007 Apple Inc. All rights reserved.
