On 13.05.2016 10:47, Tareq Alrashid wrote: > The new world order seem to demand some adjustments to how we do > things nowadays with on premise and cloud service deployment. We know > how many OS’es come with prebuilt versions Kerberos RHEL/OS > X…etc., and I am starting to ponder if efficiency could be > optimized if we no longer built our own Kerberos binaries from > downloaded MIT source, but rather just configure OS’s e.g. RHEL 7 > version of krb5-1.13? RedHat does release security patches with OS > patches and that can save us some manual labor.
As someone who *always* used to build my own versions of packages, my philosophy for the last ten years or so has been to use the distribution-provided packages unless you have a *really* good reason to build them yourself. Red Hat, Debian, etc. can dedicate a lot more time to tracking, patching, and testing bugs and security holes than most people (certainly myself) can. > > Is this an obvious non-issue as which version we choose to deploy or > is the known philosophy, I have been following since 1999; download > from MIT and build on my own. For me, the only reason I'd go with building my own would be to standardize on a given version across platforms. That, or if you needed special compile time options that a distribution doesn't compile with, but that's exceedingly rare, I think. > > I have my own opinion, but I also wonder what others had in mind > > Thank you, > Tareq > ________________________________________________ > Kerberos mailing list Kerberos@mit.edu > https://mailman.mit.edu/mailman/listinfo/kerberos ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos