[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]
- Subject: Re: [cobalt-security] Know your PKGs [was: Unofficial PHP 4.1.2 PKG available]
- From: Menno M Jansz <lists@xxxxxxxxx>
- Date: Tue, 05 Mar 2002 23:44:47 -0000
- Organization: www.jansz.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Even if you inspect what's in a package, the executables could still have anything compiled inside them, no?
Maybe what we need is a process for getting unofficial packages built. Eg, user X does all the hard work finding out how to compile/create a package
for product Y, then mails the instructions/scripts to user Z( eg pkgmaster team) who builds everything from source, and creates the final package for
the other users.
Just a thought,
Menno