>I always compile from source on production Solaris 9 & 10 machines.
I learned my lesson ages ago with doing such things on with distros that utilize a package manager (even though Solaris 10's is worth sh!t). From that day forward I try my hardest to always use the package manager, and it looks like I might have to learn to how to make SVR4/IPS packages now as well... So much to do, so little time:) >Otherwise, I'm stuck with old packages and missing the latest security >updates. That's the point with a solid distro, sec fixes etc are back ported and patched in. I couldn't even fathom trying to know the implications of changing core libraries and apps on an enterprise system, that kind of feat takes the man power of a large company. Do you actually know what happens to all the apps that get affected by the different deps newer apps call for? I can say I sure as hell don't:) As far as I see it (like you), Bacula isn't all that integrated and vulnerable but I still hate to bypass the package mangler. In addition to that, I always mitigate my exposure with iptables(Linux) and limit whatever is open to only what it needs to be. jlc ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
