On Mon, 21 Jun 1999, Michael Cervantes wrote:
> Most open source software is distributed in a tar file with just makefiles,
> docs, and source. You compile the object directly from the source code that
> is provided. However, binary packages are becoming more common as package
> management apps like Redhat's RPM become ubiquitous, and it is important
> that sys admins recognize the significance of this.

RPMs and other modern binary package formats include signatures
(PGP in RPM's case).

In most cases you can also obtain source packages. In RPM's case
a source package consists of a "pristine" source archive, zero or
more patches to the source and a "spec" file which describes
the package and build procedure.

Having the modification separate from the original source, and
thus the ability to verify the integrity of the original source
helps quite a bit.

Regards,
Damien Miller
--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.ilogic.com.au/~dmiller
| Email: [EMAIL PROTECTED] (home) -or- [EMAIL PROTECTED] (work)
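
The check described in the message above, as an added example that is not part of the original thread: given an already unpacked source package, compare each "pristine" archive named in the spec file with a digest published by upstream, and list the patches that still need reading. The function names, the `upstream.example` URL, the sample files and the use of SHA-256 are assumptions made for illustration; the package's own PGP signature is checked separately with `rpm --checksig`.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# Matches spec tags such as "Source0: foo-1.0.tar.gz" or "Patch1: fix.patch".
# Assumption: the spec uses literal file names (RPM macros are not expanded).
TAG_RE = re.compile(r"^(Source|Patch)(\d*)\s*:\s*(\S+)", re.I | re.M)

def audit_unpacked_srpm(srpm_dir, upstream_sha256):
    """Compare every Source archive with the digest upstream published and
    collect the patches a reviewer still has to read."""
    srpm_dir = Path(srpm_dir)
    spec = next(srpm_dir.glob("*.spec")).read_text()
    report = {"verified": [], "mismatch": [], "unknown": [], "patches": []}
    for kind, _num, value in TAG_RE.findall(spec):
        name = value.rsplit("/", 1)[-1]      # Source tags are often full URLs
        if kind.lower() == "patch":
            report["patches"].append(name)
            continue
        expected = upstream_sha256.get(name)
        path = srpm_dir / name
        if expected is None:
            report["unknown"].append(name)   # nothing from upstream to compare with
        elif path.is_file() and hashlib.sha256(path.read_bytes()).hexdigest() == expected.lower():
            report["verified"].append(name)
        else:
            report["mismatch"].append(name)  # missing archive or different bytes
    return report

def build_sample(tampered=False):
    """Constructed stand-in for an unpacked source package (not a real SRPM)."""
    d = Path(tempfile.mkdtemp())
    pristine = b"constructed upstream release bytes\n"
    (d / "demo-1.0.tar.gz").write_bytes(pristine + (b"extra" if tampered else b""))
    (d / "demo-1.0-paths.patch").write_text("--- a/Makefile\n+++ b/Makefile\n")
    (d / "demo.spec").write_text(
        "Name: demo\nVersion: 1.0\n"
        "Source0: http://upstream.example/demo-1.0.tar.gz\n"
        "Patch0: demo-1.0-paths.patch\n")
    return d, {"demo-1.0.tar.gz": hashlib.sha256(pristine).hexdigest()}

if __name__ == "__main__":
    for tampered in (False, True):
        d, digests = build_sample(tampered)
        print("tampered" if tampered else "pristine", audit_unpacked_srpm(d, digests))
```

The upstream digest has to come from a channel independent of the package itself, otherwise a modified archive and a matching digest can arrive together.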