Full Disclosure mailing list archives
RE: Re: January 15 is Personal Firewall Day, he lp the cause
From: Ron DuFresne <dufresne () winternet com>
Date: Wed, 21 Jan 2004 09:50:44 -0600 (CST)
<snip>And yet, there's not much one ca do with a kernel alone. Of course redhat tends to be one of the "kitchen sink" distros of linux. And if you are in for a test of your skills, try replacing say apache with your own build on a redhat system, and learn the issues of dependcany hell that is the redhat RPM structure.Bad example. We ran our own RPM for Apache for at least a year, recompiling whenever a newer version came out. All you do is add your patch in the apache.spec file, and up the version number slightly. Our particular patch did what 'RequestHeader unset "Authorization"' does in Apache 2.0. This was on Red Hat 7.2, but newer versions of Red Hat are the same. Now if you were talking about openssl, I'd agree with you. I've emailed far too many people who've stuffed their machines by either removing or overwriting the built-in openssl package from Red Hat 7.0 onwards.
Actually, I was not clear enough, I was referenceing apache with ssl capabilities, but, then again, this also is lacking in the full dependancy hell I refer to. When engaged on a project to port our web hosting to the s390 platform with redhat VM's there, we decided to go with as minimal a install as possible. Apache is quite dependent upon quite a few bloated RPM's itself, adding onenssl into the mixfor ssh/ssl capabilities increases this dependance quite a bit. And the real problem was finding any doocumentation to define the needs and depenance of one package to another. Now, this is also encountered in other platforms, but, is somewhat better documented as well via the other vendors. What was interesting was that both redhat and IBM were kinda surprised that we'd even consider a minimum install, rather then a blow everything into the VM and run with it approach... Slackware at least provides a MANIFEST of all the files by package, such that one can weed through and make installation decisions prior to doing a setup/install, I'm still looking for the redhat equivalent <though admittedly, no longer as diligently as I was a few months ago>. Not that redhat is even now ready to properly support it's offering on the s390 platform. Even with their recent repositioning of their offereings, the back end support channels for this platform are still pretty much non-existant. <but, that's another issue altogether> Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Re: January 15 is Personal Firewall Day, he lp the cause Justin Bajko (Jan 15)
- Re: Re: January 15 is Personal Firewall Day, he lp the cause vb (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, he lp the cause Wes Noonan (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, he lp the cause Tobias Weisserth (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, he lp the cause vb (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, he lp the cause Wes Noonan (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, he lp the cause vb (Jan 16)
- <Possible follow-ups>
- FW: Re: January 15 is Personal Firewall Day, he lp the cause Clairmont, Jan (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, he lp the cause John . Airey (Jan 21)
- RE: Re: January 15 is Personal Firewall Day, he lp the cause Ron DuFresne (Jan 21)