Subject: are the binaries safe?
To: None <>
From: =?iso-8859-1?q?C=E9sar=20Catri=E1n?= <>
List: tech-pkg
Date: 05/12/2003 20:37:37
hi folks.

I would like to know how much 'safe' and 'secure' are
the binaries packages (.tgz) to be used in a
production environment. I would like to know points of
view about the binaries generated by, and
external binaries like www/phoenix-bin and
lang/sun-jdk14 for example.

I have talked with some friends about it. All said
that they don't want binaries in their netbsd systems,
but I told them that if they don't see the code, the
compile process would be just a lost of time. If the
compiler would be able to detect some common
vulnerabilities (some shellcode, some programmed and
unrelated connection), chosing source should be the
right choice. But it is another history.

I trust binaries made on, and binaries made
from open source orgs, in that order. A binary system
made entirely by binaries should be easy to mantain. I
don't trust closed source binaries, but it is personal

thanks and kind regards

César Catrián C.

Do You Yahoo!?
Información de Estados Unidos y América Latina, en Yahoo! Noticias.
Visítanos en