Great Circle Associates Firewalls
(July 1994)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: MBONE security?
From: James Tanis <jtt @ cs . columbia . edu>
Date: Sat, 09 Jul 1994 16:01:44 -0400
To: "William C. Fenner" <fenner @ cmf . nrl . navy . mil>
Cc: ems @ ccrl . nj . nec . com (Ed Strong), firewalls @ greatcircle . com
In-reply-to: Your message of "Fri, 08 Jul 1994 09:59:14 EDT." <199407081359 . JAA03364 @ herman . cmf . nrl . navy . mil>

In message <199407081359 .
 JAA03364 @
 herman .
 cmf .
 nrl .
 navy .
 mil>, "William C. Fenner" avows:
%--- Begin Cite ---%
> On Wed, 6 Jul 94 12:20:56 EDT  Ed Strong wrote:
> > It looks like I'm expected to just blindly
> > install binary code from stanford in my kernel.  I'd much prefer to st
> art 
> > from source code instead, if it's available.
> 
> So why don't you?  You have SunOS source, right?  Just apply the diffs a
> nd
> rebuild your kernel.  The multicast stuff from stanford is supplied as s
> ource
> code and kernel patches; the object files are simply supplied as a conve
> nience
> for those who don't have kernel source.
> 
>   Bill
%--- End Cite ---%	


Because what Sun (and probably many other vendors) ships as source code has
often come from a different source tree than that from which they build their binaries. In addition, they *never* ship patches to source, so you really run
the risk of opening up your system to old holes when you use source.

This is by no means meant to be a flame against Sun or any other vendor, in
fact one of our Sun contact is currently investigating the possiblity of
getting automatic source patches under our agreement. I just wanted to
point out a hazard in blithely depending on  source code.

The topic has strayed though, followups should be directed to the
participants or a more apropriate group.  Thanks.


/jtt


References:
Indexed By Date Previous: Re: An incredibly nasty thought regarding ICMP echo requests
From: reh @ cs . UMD . EDU (Richard Huddleston)
Next: Re: An incredibly nasty thought regarding ICMP echo requests
From: JXH @ SLAC . Stanford . EDU (John Halperin)
Indexed By Thread Previous: Re: MBONE security?
From: "William C. Fenner" <fenner @ cmf . nrl . navy . mil>
Next: Re: MBONE security?
From: smb @ research . att . com

Google
 
Search Internet Search www.greatcircle.com