[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Woody: "xhost +" on Local Machine not Working



begin  Karsten M. Self quotation:
> 
> There is a serious problem at your site.  You've raised this issue?

Deaf ears.  Located in another time zone, and miles above my pay grade.

> I'll presume one end or the other is under your control. 

Yes; but BOTH ends have to allow X forwarding before it works.

> You're not responsible for security.  You're the fall guy if someone
> else's broken policy compromises your systems.  Accountability without
> responsibility.

No, I am responsible for security on a very small piece of the overall
pie.

When I say "hundreds of servers" people think "whole company".  My
hundreds of servers are in 5 out of 100 projects in this company.
FedEx's IT division (actually a seperate company, FedEx Services) is
larger than some major telecommunications companies.  It's 5,000
employees, servicing machines that support 200,000 employees, and a
customer base so huge that we had higher revenues than Microsft up until
a couple of years ago.  We're HUGE, and I'm just one guy, in a team,
which has responsibility for security on a paltry few of the thousands
of servers in this company.

And at that, only the UNIX servers.  Some of my projects also have NT
servers, and I don't even have a login for some of those.

However, I am not committed to SSH, or Linux, or any other piece of
software.  I am committed to my family, and while I have very
strongly-held principles that I can and have left jobs for, using Open
solutions at all times isn't one of them.

All of the servers for which I have responsibility have SSH installed.
There are dozens I must use to get my work done that are other teams'
responsibility, and some of those do not.  It's not worth walking out of
my job for, because my management IS reasonable about assigning blame;
when something goes wrong, I show that it wasn't on my end, and all is
well.  If it was, I show how I'm going to prevent it from happening
again, and all is well.  You have to work hard to get fired around here.


-- 
Shawn McMahon                    | McMahon's Laws of Linux support:
http://www.eiv.com               | 1) There's more than one way to do it
AIM: spmcmahonfedex, smcmahoneiv | 2) Somebody thinks your way is wrong

Attachment: pgprNseV9CQBQ.pgp
Description: PGP signature


Reply to: