In <Pine.LNX.4.10.10007251926210.15969-100000@dax.joh.cam.ac.uk> James Sutherland (jas88@cam.ac.uk) wrote:
> On Tue, 25 Jul 2000, Stuart MacDonald wrote:
>> From: "James Sutherland" <jas88@cam.ac.uk>
>> > What functionality? Remember, only the commands which should NEVER be
>> > issued except as part of a low-level diagnostic or maintenance procedure.
>> > Since nothing should ever issue these commands anyway except the vendor's
>> > own software, no functionality is being lost by disabling them, except for
>> > that software, which can be adapted to work around that problem in a way
>> > which will also improve it significantly.
>>
>> The functionality of being able to flash running hardware.
>> The thread about having an OS independent disk from
>> the vendor is nice, but requires downtime. Not everyone
>> can afford downtime.
> In this context, it does not. Any hot-swappable hardware could be removed
> from the production system, flashed and tested off-line, then restored.
You just need day or WEEK of downtime for that in some cases :-) Really nice.
Thnx for big present. Why so much ? It's simple: think about server installed
on ISP. Thee are just ONE service offeren by ISP: give us your system (without
keyboard and monitor, obviously) and will'll plug in it two connectors:
power and ethernet. You need to do some service with your system ? No
problem: write offer to replace it with other system and no slower then in
week time we'll replace it (usually it takes less then day though). Looks
overly draconian to you ? May be. But it's CHEAP service! Of course this web
server is not mission-critical and you can tolerate this few days downtime
once or twice per year. Now: do you really think you should wait for system
to crash so you can fix security problem in NIC's firmware ?
> Much safer, and not OS dependent - without any downtime on the production
> system.
See above. This service is TYPICAL. It's NOT something unique. Really. And
Linux is used VERY often on such systems.
> This approach is only a problem for non-hot-swappable hardware on a
> mission critical system, or if you don't have any non-critical systems
> with a suitable interface. In the case of IDE or SCSI, this doesn't seem
> likely.
See above. Your approarch will not work for LOTS AND LOTS systems out there.
"One size does not fit all". Really.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:20 EST