X-Message-Index: 393
X-Message-Prev: 033
X-Message-Next: 034
X-Thread-Prev: 037
X-Thread-Next: 396
From: "Matt Crawford" <matt@oddjob.uchicago.edu>
To: phage
X-To: verber@tut.cis.ohio-state.edu, phage@purdue.edu, bfraik@next.com, bzs@multimax.encore.edu,       hedrick@topaz.rutgers.edu, croft@csli.stanford.edu,       alison@maverick.osc.edu
Subject: Re: Security Mailing List
Date: Fri, 04 Nov 88 12:34:10 CST
X-Date: Fri 13:34:10 04/11/1988 EST

>> The are a number of sites who don't have source, yet they want holes
>> fixes.  For some problems, it is easy enough to patch a binary with
>> adb, but for other problems that is not enough.  I would suggest a
>> ftp site on the Internet that would keep binaries to patched programs.
>> I would suggest Sun-3, Sun-4, and Vaxen binaries.  Possibly other
>> machines (i.e. Pyramid, Sequent, Encore, HP) if there seems to be enough
>> of an interest.

A good idea, but unfortunately this violates the terms of many
software source licenses.  Special dispensation might be needed.
Also, such a repository would have to be guarded extremely well
lest bugged programs be planted in it.

			 Matt