In <51c127d4.6020...@blackhillsoftware.com>, on 06/19/2013 at 01:39 PM, Andrew Rowley <and...@blackhillsoftware.com> said:
>How many vendors do allow you to audit their authorized code? I know >IBM is very reluctant to divulge any information that might allow >you to exploit a vulnerability. Until OCO IBM provided customers with full access to the source code. What they controlled was the details of security APAR's. I would not expect any responsible vendor to publish a list of known security exploits, just the fixes. -- Shmuel (Seymour J.) Metz, SysProg and JOAT Atid/2 <http://patriot.net/~shmuel> We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN