[BBLISA] How would you address this?
stephen wadlow
sgw at wadlow.net
Fri Feb 17 15:48:44 EST 2006
On Feb 17, 2006, at 3:21 PM, Michael Tiernan wrote:
> Vendor says:
> For security reasons, the license file must be in /opt/FOOFOO_license
> unless /opt is not on local disk. In that case, the license file will be
> placed in /var/adm/FOOFOO_license. This is not a bug.
>
> So, what logic do you throw back at them? I've run into this sort of
> thing before and I always end up being speechless because I can't
> believe someone would say such a thing.
>
I'd love to know why they think that this is more secure (or why
alternatives are less secure) and why it's not a bug.
Does the program have to run as root? That'll be a good indication
about how lazy they are, and how much they really care about security.
My response would be: "My company does not allow outside
organizations to dictate our systems administration standards and
security policies without justification. We are the customer in
this situation. What is your explanation for needing to change the
way we do things?"
And to support it from your side: If all of the other licensed
software that you use has the ability to let you choose to centrally
manage where and how you store your licenses, then you've got the
power of a standardized system working for you. If this
one package has inflexible requirements, then it will be the
albatross in your environment, and will likely suffer for it. Their
inflexibility results in higher sysadmin costs on your end, and the
increased likelihood of downtime, or generally being unavailable
due to not fitting nicely into your system. So, it's a bad match
for you, and bad PR for them. That might be enough reason to
investigate alternatives.
steve