On Thu, Jan 14, 2010 at 2:01 AM, <da...@lang.hm> wrote: [...] > Along the same lines. for large applications (like Apache), don't enable > features that you don't need. If possible compile your own so that the > features you don't need aren't even compiled. This makes it likely that > security patches for this application are not actually required for your > installation. [...] > David Lang
I have to disagree here. If you are using an Enterprise Linux distro, you should not be compiling things yourself. It destroys the whole point of using an Enterprise distro. They go to great lengths to test all the dependencies and ensure that you have a valid system. Compiling your own blows this out of the water, especially if you "make install" on the target system. It's only marginally better if you roll your own RPMs and then install those. _______________________________________________ Discuss mailing list Discuss@lopsa.org http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
