[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]

Subject: Re: [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]
From: Menno M Jansz <lists@xxxxxxxxx>
Date: Tue, 05 Mar 2002 23:44:47 -0000
Organization: www.jansz.com
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Even if you inspect what's in a package, the executables could still have anything compiled inside them, no?

Maybe what we need is a process for getting unofficial packages built. Eg, user X does all the hard work finding out how to compile/create a package 
for product Y, then mails the instructions/scripts to user Z( eg pkgmaster team) who builds everything from source, and creates the final package for 
the other users.

Just a thought,
Menno

References:
- [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]
  - From: Matthew Nuzum

Prev by Date: AW: AW: [cobalt-security] Unofficial PHP 4.1.2 PKG available
Next by Date: RE: [cobalt-security] SSLeay installation
Previous by thread: Re: [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]
Next by thread: RE: AW: [cobalt-security] Unofficial PHP 4.1.2 PKG available

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index