on 3-3-2008 8:39 PM Karl Denninger spake the following:
>
>
> Stephen Harris wrote:
>> On Mon, Mar 03, 2008 at 10:22:20PM -0600, Karl Denninger wrote:
>>
>>
>>> Allegedly openssl (which is loaded) provides this, but...
>>>
>>> ./configure --with-openssl
>>>
>>
>> And have you installed openssl-devel?
>>
>> (well, clearly the answer is no because you haven't actually paid any
>> attention to anything I've written)
>>
>> % yum whatprovides libcrypto.a
>> [snip]
>> openssl-devel.i386 0.9.7a-43.17.el4_6.1
>> c4-local
>> Matched from:
>> /usr/lib/libcrypto.a
>>
>> openssl-devel.i586 0.9.7a-43.17.el4_6.1
>> c4-local
>> Matched from:
>> /usr/lib/libcrypto.a
>>
>>
>> You can lead a horse to water....
>>
> Hmmmm... trying man..... heh, its my first Linux. Whadda 'ya want,
> FreeBSD since the mid 90s.
>
> ("User" installations on FreeBSD gets you standard development
> libraires and the C compiler. I am beginning to understand that CentOS
> looks at this more like Windows - the "base load" is in fact just a
> runtime with NOTHING development-related in it....)
>
But it isn't always prudent to have a full development environment on a
"server". The safe bet is to have a devel box as far as it can be from the
internet, and servers only have what they need to function. If a server is
compromised, no devel means it is at least slightly more difficult to
compromise the system. The more on a server, the more "potential" security
holes that might sneak in.
--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20080304/107bb688/attachment-0005.sig>