Alan Coopersmith <[EMAIL PROTECTED]> wrote:
> As others have pointed out, the root of the problem is that your current
> setup requires you to put your full trust in the maintainers of each package
> with no way to verify that they've not inserted a trojan horse into the build.
> That's the discussion that should continue here.
This could only be checked once the Blastwave source is open....
Which means build scripts/Makefiles and patches.
BTW: This reveals a problem in the CDDL.
The CDDL does not require you to publish the scripts makefiles, ... as well
as other things (e.g. other closed source objects) that would allow you to
re-create a published binary.
Jörg
--
EMail:[EMAIL PROTECTED] (home) Jörg Schilling D-13353 Berlin
[EMAIL PROTECTED] (uni)
[EMAIL PROTECTED] (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/old/private/ ftp://ftp.berlios.de/pub/schily
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
