From: Michael Tremer
To: development@lists.ipfire.org
Subject: Re: [PATCH] index.cgi: Display a warning if the last Core Update was installed more than 90 days ago
Date: Wed, 19 Jan 2022 08:22:59 +0000
In-Reply-To: <993eb6cf-c4b2-844f-0031-147345bf795d@ipfire.org>

Hello,

> On 18 Jan 2022, at 21:21, Peter Müller wrote:
>
> Hello Michael,
>
> thanks for your reply.
>
> Yes, differentiating the update message is a good idea - in terms of UX, it is probably
> the better one.
>
> And yes, 90 days are fine for me. On the one hand, this nudges us to release updates faster,

I am not against this, but I am afraid that we will create false panic here for some users. We might send the message "IPFire is not secure any more" which is not what I would want. It isn't strictly true.

Then there is this disaster that clamav does when they have a message that starts with the words "DON'T PANIC". People *of course* do panic because of that. It probably creates the opposite of what you want: It destroys trust in the software.

For that reason I would like to be very very *very* careful about this.

> and on the other hand, we can expect users to respond to a new update within a month. Sure,
> there are maintenance windows and things like that in corporate environments, but if they
> cannot react to a security-relevant update within 30 days, perhaps they should ask themselves
> if their internal procedures are still suited for today's threat landscape.

We do not "market" every update as an urgent security release. We have lots of them leading with the words "bug fixes and feature enhancements".
I know that many people do a tick-tock kind of upgrade policy. Install an update, skip the next one. That is just to keep labour time down which I wouldn't totally disagree with.

-Michael

>
> Thanks, and best regards,
> Peter Müller
>
>
>> Hello,
>>
>>> On 15 Jan 2022, at 09:15, Peter Müller wrote:
>>>
>>> At the time of writing, Fireinfo reports more than 51.67% of all
>>> installations reporting back to us are running at least two Core Updates
>>> older than the latest one.
>>>
>>> While I doubt we can expect our userbase to patch their systems within
>>> 24 hours (which is the recommended timespan given for critical
>>> infrastructures by multiple CERTs), if the last Core Update was
>>> installed more than 90 days ago, we can safely consider the system in
>>> question being outdated and insecure.
>>>
>>> Therefore, this patch displays a warning on index.cgi, in addition to
>>> the "an update is available" message - in the hope to nudge people to
>>> keep their IPFire machines up to date.
>>
>> I am not sure whether it is a good idea to have this in addition. I would prefer a highlighted message if someone is more than one update behind. There should be a difference between:
>>
>> Hey, we just wanted to let you know that a new update is available.
>>
>> And:
>>
>> Dude, you really need to make sure your system is up to date.
>>
>> I understand that 90 days sounds long, but considering that we take up to 60 days between releases, this only leaves you with 30 days. Is that really what you are going for here?
>>
>> -Michael
>>
>>>
>>> Signed-off-by: Peter Müller
>>> ---
>>> html/cgi-bin/index.cgi | 10 +++++++++-
>>> langs/de/cgi-bin/de.pl | 1 +
>>> langs/en/cgi-bin/en.pl | 1 +
>>> 3 files changed, 11 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/html/cgi-bin/index.cgi b/html/cgi-bin/index.cgi
>>> index 2b7ccdb0f..fbd656988 100644
>>> --- a/html/cgi-bin/index.cgi
>>> +++ b/html/cgi-bin/index.cgi
>>> @@ -2,7 +2,7 @@
>>> ###############################################################################
>>> #                                                                             #
>>> # IPFire.org - A linux based firewall                                         #
>>> -# Copyright (C) 2007-2014 IPFire Team                                         #
>>> +# Copyright (C) 2007-2022 IPFire Team                                         #
>>> #                                                                             #
>>> # This program is free software: you can redistribute it and/or modify        #
>>> # it under the terms of the GNU General Public License as published by        #
>>> @@ -541,6 +541,14 @@ if ( ! -e "/var/ipfire/main/send_profile") {
>>> $warnmessage .= "<li>$Lang::tr{'fireinfo please enable'}</li>";
>>> }
>>>
>>> +# Running on likely outdated Core Update (last update was more than 90 days ago)
>>> +my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size, $atime, $mtime, $ctime, $blksize, $blocks) = stat "/opt/pakfire/db/core/mine";
>>> +my $core_update_age = time() - $mtime;
>>> +
>>> +if ( "$core_update_age" > "7776000" ) {
>>> + $warnmessage .= "<li>$Lang::tr{'outdated installation warning'}</li>";
>>> +}
>>> +
>>> # EOL architecture
>>> my ($sysname, $nodename, $release, $version, $machine) = &POSIX::uname();
>>> if ($machine =~ m/^i.86$/) {
>>> diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
>>> index c81b28fea..2ae0f948c 100644
>>> --- a/langs/de/cgi-bin/de.pl
>>> +++ b/langs/de/cgi-bin/de.pl
>>> @@ -1878,6 +1878,7 @@
>>> 'otherport' => 'Anderer Port',
>>> 'our donors' => 'Unsere Unterstützer',
>>> 'out' => 'Aus',
>>> +'outdated installation warning' => 'Diese IPFire-Installation ist veraltet, was ein Sicherheitsrisiko darstellt. Bitte aktualisieren Sie das System schnellstmöglich.',
>>> 'outgoing' => 'ausgehend',
>>> 'outgoing compression in bytes per second' => 'Abgehende Kompression',
>>> 'outgoing firewall' => 'Ausgehende Firewall',
>>> diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
>>> index 2f7038fb1..8d1eb3e2d 100644
>>> --- a/langs/en/cgi-bin/en.pl
>>> +++ b/langs/en/cgi-bin/en.pl
>>> @@ -1914,6 +1914,7 @@
>>> 'otherport' => 'other Port',
>>> 'our donors' => 'Our donors',
>>> 'out' => 'Out',
>>> +'outdated installation warning' => 'This IPFire installation is outdated, which is a security risk. Please check for and install updates as soon as possible.',
>>> 'outgoing' => 'outgoing',
>>> 'outgoing compression in bytes per second' => 'Outgoing compression',
>>> 'outgoing firewall' => 'Outgoing Firewall',
>>> --
>>> 2.31.1
>>
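Review bot: In the `@@ -541,6 +541,14 @@` hunk of index.cgi the return value of `stat "/opt/pakfire/db/core/mine"` is never checked. If the file is missing or unreadable, `$mtime` stays undef, `time() - $mtime` evaluates to the current epoch time (plus an uninitialized-value warning), and the new warning fires on a system that may be fully up to date. A guarded form such as `my @st = stat("/opt/pakfire/db/core/mine"); if (@st && time() - $st[9] > 90 * 24 * 60 * 60) { ... }` handles the failed stat explicitly and replaces the bare `7776000` literal with an expression that says what it means. The comparison `"$core_update_age" > "7776000"` also quotes both operands; Perl's numeric `>` still coerces them, but the quotes read as a string comparison, so drop them. Finally, the file's mtime is only a proxy for when the last Core Update was installed and is reset by anything that rewrites the file; a comment stating that assumption next to the check would help the next reader.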
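Review bot: The en.pl hunk's string ('This IPFire installation is outdated, which is a security risk. ...') asserts a security problem, whereas the check that triggers it in index.cgi only establishes that a file's mtime is older than 90 days; as the thread points out, a user who skipped a single release will read this as "IPFire is not secure any more". Wording that states the observed fact, for instance 'No Core Update has been installed for more than 90 days. Please check for and install updates as soon as possible.', keeps the nudge without overstating the finding; the de.pl string should be adjusted to match.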