[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Kickstart and roles

On Wed, 19 Apr 2006, Stephen John Smoogen wrote:

Sadly doing the Right Thing (tm) isn't always an option due to real life
circumstances (cough cough management) and performing a "quick fix" to the
managed device without taking the time to write centralized policies is

There is no technical solution to a management issue. You can hack as
much at it but the managers will come up with a completely new way to
be stupid. I found that getting management to buy off on how change
control works was a better cost solution. [Getting them to sign the
timesheet for the extra work/pay got them to cut down on last minute

Sure and for the most part the change control where I work is sane. There are still issues that come up where taking the time to write the policies isn't available for various reasons.

the result.  Writing these policies after the fact is of course desirable
but in many cases this would require another change control and testing
cycle. In short these type of tools really need the ability to detect what
has changed and let the admin easily integrate/pull these changes and
sign off on them as part of the devices new recipe/state.

This would be useful in a different manner.. when the hacker breaks in
and fixes your broken server.

How do you mean? Such a feature would allow the admin to see what changes a cracker made, not sign off on them and instead revert them to the previous state.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]