On Fri, May 03, 2013 at 03:30:39PM -0600, Kevin Fenzi wrote:
Right, but then this information is security sensitive...
User installed httpd-x.y-Z on YYYY-MM-DD, but on looking you don't see
them installing the security update that was released after that ->
target.
Or even, user installs foo, foo is insecure and is dropped from fedora,
you might know that they have it still installed and can leverage that.
Or you see that user does security updates every friday, so you know
they might be vulnerable thursdays.
Also, you may see users install something, but we have no way of
knowing if they try it and hate it and remove it right after.
All true, that's the reason why IP address will never be available from
the data.
Also, the way our mirroring works, they can get the package from any
mirror at all, so we may not see patterns that are there if we could
see logs of all mirrors instead of just one.
Yeah, I did not realized that - this is quite limiting. Taking NAT issue
into account, I don't think anymore it is good source of data :-(
--
Later,
Lukas "lzap" Zapletal
irc: lzap #theforeman