On Wed, 2003-08-27 at 15:33, Jon Bendtsen wrote: > Kris Boulez wrote: > > On Mon, 2003-08-25 at 13:27, Rus Foster wrote: > > [ ... ] > > > > I do have a question though from a security point. How are these images > > created ? Are there any scripts used we can examine/run ourselves ? > > This is a basic problem, but let me ask you another... > Do you personaly check the patches for the linux kernel that Jaques > makes? Are you familiar with the history of how ken tompson? got a > backdoor into gcc? The point i am making is that you cant _TRUST_ > everything, but at some point you have to trust someone to get a > computer, to get software, to get ... > I know, but these machines will run pretty critical stuff. A (short) description on how the images were made (for RH 9.0: which RPM's installed, what deleted, ...) would be very handy.
Kris, -- Kris Boulez Tel: +32-3-216.50.50 C-CURE Fax: +32-3-216.50.51 K. Rogierstraat 27 email: [EMAIL PROTECTED] B 2000 Antwerpen http://www.c-cure.be/
