[Zope] What causes the community to stall so often?
Joel Burton
joel@joelburton.com
Fri, 8 Mar 2002 15:33:30 -0500 (EST)
On Fri, 8 Mar 2002, Stefan H. Holek wrote:
> At 08.03.2002 22:15 +0300, Oleg Broytmann wrote:
> >On Fri, Mar 08, 2002 at 06:53:01PM +0100, Lennart Regebro wrote:
> > > When I install things on unix, I usually download and unzip a tgz file, run
> > > ./configure, write "make" and "make install", and I'm done.
> >
> > That because you manage only one computer. Think about poor sysadmins who
> >maintain dozens servers on a site - they just don't have enough time to
> >untar and compile all that crap...
>
> OTOH my admins would never use (mission critical) rpms they did not
> carefully package themselves... :-)
Yeah, well. I remember the line in "Essential System Administration"
(O'Reilly) about never installing as root a product that you haven't
carefully studied the source code for, looking for security
vulnerabilities.
All I thought was: wow, people must have a lot more free time on their
hands than I do! Ever tried reading the source code for perl? :-)
But, seriously, I'm curious: do you think that you're getting better
security w/someone's ./configure && make && make install setup (also run
as root, can also execute anything you want and might unless you read the
configure file and make file and source code)?
--
Joel BURTON | joel@joelburton.com | joelburton.com | aim: wjoelburton
Independent Knowledge Management Consultant