| From: Vigorito, Nicholas E. [mailto:[EMAIL PROTECTED]
| Sent: Thursday, 02 August, 2007 15:49
|
| Here are some quotes from this person:
|
| I would never install open source from binaries on a machine I did not
| want someone to break into.
Cool, just get a copy of whatever tools he uses to s
On Thu, Aug 02, 2007 at 05:51:27PM -0400, Steve Ochani wrote:
> LOL, I would ask him if he sits there and examines all the code of
> everything that is on his system.
Ya know, I don't do that before I install most stuff, but I *do* tend
to open the source kit and read it when I want the product to
Well, the security argument depends more on "you *could*" than on "you
*do*". Somewhere out there is someone crazy enough to comb through
any given source kit looking for evil. Would any counterfeiter have
the guts to set up his print shop on the sidewalk outside a police
station? Much of securi
Hello,
Peter Crowther wrote:
From: Vigorito, Nicholas E. [mailto:[EMAIL PROTECTED]
A coworker claims that all unix admins should never install
open source binaries. They should build using the source.
Binaries are marginally more open to tampering; this is why most (all?)
Apache projects prov
> From: Vigorito, Nicholas E. [mailto:[EMAIL PROTECTED]
> A coworker claims that all unix admins should never install
> open source binaries. They should build using the source.
Binaries are marginally more open to tampering; this is why most (all?)
Apache projects provide checksums of the built
Tomcat installing from source doesn't make *any* sense, not even on Linux.
Why?
Well, Tomcat is written entirely in Java. Therefore, you can download
the binaries from the Apache website and check the KEYS
(MD5-checksums). If they are ok, you can be sure nobody has tampered
with.
Building from s
>
> > -Original Message-----
> > From:
> >
>
[EMAIL PROTECTED]
> >
>
[mailto:[EMAIL PROTECTED]
> > .o rg] On Behalf Of ben short Sent: Thursday,
> August 02, 2007 4:44 PM
> > To: Tomcat Users List Subject: Re: Installing
> Tomcat on Li
Exactly.
Wade
--- Hassan Schroeder <[EMAIL PROTECTED]>
wrote:
> On 8/2/07, Vigorito, Nicholas E.
> <[EMAIL PROTECTED]> wrote:
> > Here are some quotes from this person:
> >
> > You are trusting that someone built the binaries
> directly from the
> > source code without any additional modificatio
; rg] On Behalf Of ben short
> Sent: Thursday, August 02, 2007 4:44 PM
> To: Tomcat Users List
> Subject: Re: Installing Tomcat on Linux
>
> I would question his reason for this statement
>
> A coworker claims that all unix admins should never
> install open source
ECTED]
> [mailto:[EMAIL PROTECTED]
> .o rg] On Behalf Of ben short Sent: Thursday, August 02, 2007 4:44 PM
> To: Tomcat Users List Subject: Re: Installing Tomcat on Linux
>
> I would question his reason for this statement
>
> A coworker claims that all unix admins should never
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Nicholas,
Vigorito, Nicholas E. wrote:
> You are trusting that someone built the binaries directly from the
> source code without any additional modification or back-doors built in.
True. But then again, you are trusting commercial companies to do th
On 8/2/07, Vigorito, Nicholas E. <[EMAIL PROTECTED]> wrote:
> Here are some quotes from this person:
>
> You are trusting that someone built the binaries directly from the
> source code without any additional modification or back-doors built in.
Flip side: you have gone through the *entire source
On 8/2/07, Vigorito, Nicholas E. <[EMAIL PROTECTED]> wrote:
> A coworker claims that all unix admins should never install open source
> binaries. They should build using the source.
>
> Looking for a concensus. Is it ok to install the Tomcat binaries or
> should I build using the Tomcat source the
ssage-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
rg] On Behalf Of ben short
Sent: Thursday, August 02, 2007 4:44 PM
To: Tomcat Users List
Subject: Re: Installing Tomcat on Linux
I would question his reason for this statement
A coworker claims that all unix admins should never install
I would question his reason for this statement
A coworker claims that all unix admins should never install open source
binaries. They should build using the source.
On 8/2/07, Vigorito, Nicholas E. <[EMAIL PROTECTED]> wrote:
> I am going to install Tomcat standalone (not fronted by Apache) on
I am going to install Tomcat standalone (not fronted by Apache) on a
Linux box that will eventually be opened up to small portion of the
outside world.
I am a developer and as such haven't ever done anything with Tomcat
except install the binaries on my Windows machine and run it locally for
devel
16 matches
Mail list logo