Date: Sat, 25 Aug 2012 00:39:48 +0200 From: "Julian H. Stacey" <jhs@berklix.com> To: Tim Daneliuk <tundra@tundraware.com> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: Tangental And OT: Commercial Support For 'sudo' Message-ID: <201208242240.q7OMdmmr090014@fire.js.berklix.net> In-Reply-To: Your message "Fri, 24 Aug 2012 14:45:45 CDT." <5037D9E9.9050305@tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Tim Daneliuk wrote: > Please forgive the OTishness of this, but I'm hoping some of > my fellows in the large data center space may have a hint or > two here ... > > I am working with a firm that needs to run sudo in a variety of > OS environments. A few of these - noteably IBM AIX - do not provide > vendor support and legal indemnification of many open source packages, > sudo among them. This is official a Big Deal (tm) for this company. > > So ... does anyone know of a commercial concern that provide sudo support > and legal indemnification? GratiSoft - the keeper of sudo - were apparently > going to do this at one point but decided not to. It wouldn't surprise me if no firm offered useful legal indemnification with contract terms the lawyer of your firm would consider acceptable. Why suppliers might not like to offer cover: How long is a piece of string ? Define what doors the string connects, contracturaly definie routes & limits & values of potential consequential damage to data & service & 3rd parties. How much would lawyers & insurance brokers/suppliers push up the price for defining cover ? Reduced motivation to purchase cover anyway in realisation its a grey area, eminently disputable, & come a big claim on insurer, he'd be looking for loopholes, so insuree (your firm) could end up sueing insurer. Yet more lawyers & insurance fees; a profitable interesting relatively safe software supply business is different from the insurance business. Some managers are clueless, first demand the impossible, don't get it, then compromise without, & do business without: One customer demanded as standard, my welding certificate & insurance over a million Euros, I refused, offered I would stand on street & pass a floppy disk through their fence. It escalated to someone responsible, they abandoned their conditions & purchased. Several customers wanted me/my company to accept unlimited risk in event of copyright law suit (possible to research that risk, though still dangerous as even defending frivolous law suits can cost) and to cover risk of software patent litigation (impossible to know risks that lurk, no way!). Iv'e always refused, but offered to help explore contacts in insurance business if customer Really wants to purchase own insurance. After Thinking, they've Always backed down, & decided that's Their business operating risk they should shoulder & not try to pass to others, as no one else is stupid enough to accept undefinable risk, except possibly at very heavy extra cost & debatable usefulness. Even if a firm categorically demands insurance, - does not mean they will get it, - indicates some manager is clueless, foolish or deluded/ aggressive, - shows the firm is a business risk, as it doesn't understand associated business issues. Every cloud has a silver lining. An indemnity contract (if any found) will have legal terms that purchasers lawyer will need to consult a computer professional about. The purchasing firm will end up paying 2 professionals to define its risk, & probably decide to skip it, & carry it's own risk. PS Another discussion forum to ask on: SAGE, System Administrators Guild Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, & indent with "> ". Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from Yahoo & Hotmail to be dumped @Berklix. http://berklix.org/yahoo/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201208242240.q7OMdmmr090014>