Tangental And OT: Commercial Support For 'sudo'
Julian H. Stacey
jhs at berklix.com
Fri Aug 24 22:40:19 UTC 2012
Hi,
Tim Daneliuk wrote:
> Please forgive the OTishness of this, but I'm hoping some of
> my fellows in the large data center space may have a hint or
> two here ...
>
> I am working with a firm that needs to run sudo in a variety of
> OS environments. A few of these - noteably IBM AIX - do not provide
> vendor support and legal indemnification of many open source packages,
> sudo among them. This is official a Big Deal (tm) for this company.
>
> So ... does anyone know of a commercial concern that provide sudo support
> and legal indemnification? GratiSoft - the keeper of sudo - were apparently
> going to do this at one point but decided not to.
It wouldn't surprise me if no firm offered useful legal indemnification
with contract terms the lawyer of your firm would consider acceptable.
Why suppliers might not like to offer cover:
How long is a piece of string ? Define what doors the string
connects, contracturaly definie routes & limits & values of
potential consequential damage to data & service & 3rd parties.
How much would lawyers & insurance brokers/suppliers push
up the price for defining cover ?
Reduced motivation to purchase cover anyway in realisation
its a grey area, eminently disputable, & come a big claim
on insurer, he'd be looking for loopholes, so insuree (your
firm) could end up sueing insurer.
Yet more lawyers & insurance fees; a profitable interesting
relatively safe software supply business is different
from the insurance business.
Some managers are clueless, first demand the impossible, don't get it,
then compromise without, & do business without:
One customer demanded as standard, my welding certificate
& insurance over a million Euros, I refused, offered I would
stand on street & pass a floppy disk through their fence.
It escalated to someone responsible, they abandoned their
conditions & purchased.
Several customers wanted me/my company to accept unlimited
risk in event of copyright law suit (possible to research
that risk, though still dangerous as even defending frivolous
law suits can cost) and to cover risk of software patent
litigation (impossible to know risks that lurk, no way!).
Iv'e always refused, but offered to help explore
contacts in insurance business if customer Really wants to purchase
own insurance. After Thinking, they've Always backed
down, & decided that's Their business operating risk they
should shoulder & not try to pass to others, as no
one else is stupid enough to accept undefinable risk, except
possibly at very heavy extra cost & debatable usefulness.
Even if a firm categorically demands insurance,
- does not mean they will get it,
- indicates some manager is clueless, foolish or deluded/ aggressive,
- shows the firm is a business risk, as it doesn't understand
associated business issues.
Every cloud has a silver lining. An indemnity contract (if any
found) will have legal terms that purchasers lawyer will need to
consult a computer professional about. The purchasing firm will end
up paying 2 professionals to define its risk, & probably decide to
skip it, & carry it's own risk.
PS Another discussion forum to ask on: SAGE, System Administrators Guild
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Reply below not above, cumulative like a play script, & indent with "> ".
Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from Yahoo & Hotmail to be dumped @Berklix. http://berklix.org/yahoo/
More information about the freebsd-questions
mailing list