dccifd 1.2.49 dying, any help?

Henrik Edlund henrik@edlund.org
Sat Jun 12 21:40:05 UTC 2004


On Sat, 12 Jun 2004, Vernon Schryver wrote:

> I don't like 3rd party "distributions" or what seem to be random 
> collections of patches because they break that trail of trust.

Which is just what I wrote. If I install DCC from your source I know what 
I run and I know who is responsible for creating it. If I install RedHat's 
RPM (or some other distribution other than Slackware which seem to have as 
policy not to apply or backport patches) it could contain hundreds of 
patches RedHat thought was nice, their own, backported from new versions 
[features/bugfixes] and so on. It is not uncommon that the distributions 
introduce security holes as they add their own code without really knowing 
the code they are changing, and also without going the appropiate way to 
the original developers.



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.