Good morning and thanks for all the input. Your information has been a great help and it is my understanding that GIMP does not utilize System ports to operate. Meaning that Port 41 (Graphics) for example is not used by GIMP. All services are provided by OS. GIMP works at Layer 7 at the "front end" of OS.
The certification is Enterprise (Global) mandate for any new software requests. to ensure it is safe for use through the Enterprise after going through several Vulnerability tests. The most difficult part is obtaining the information not necessarily the certification itself. Thanks again -----Original Message----- From: gimp-user-boun...@lists.xcf.berkeley.edu [mailto:gimp-user-boun...@lists.xcf.berkeley.edu] On Behalf Of Stefano Rovetta Sent: Tuesday, July 05, 2011 5:20 PM To: gimp-user@lists.XCF.Berkeley.EDU Subject: [Gimp-user] R: Gimp (certification) I think the poster was not asking about facts (is GIMP safe?), but about certifications (is GIMP certified as safe?). I don't think it is possible to reassure him about this. In fact, the GPL has a "NO WARRANTY" clause. If he/his customer wants something certified, I think he has to pay for the certification - which does not imply that the software is actually safe (there is no a priori way to tell this), but only that it has passed some tests. By the way... > > It is an application that receives > services from the OS ? I don't know of any program that does not receive services from the OS. At the bare minimum, memory management (virtual memory) and process management (process startup and scheduling, execution) are up to the OS in all cases. I don't know how this question should be interpreted. --Stefano > On Tuesday, July 05, 2011 09:39:39 am Baughman, Richard P USA CIV (US) > wrote: > > Good morning, > > > > Have a customer requesting GIMP 2.6.x for project > starting within 2 weeks. > > > > IT department requires the software to be tested and > approved prior to any > > new software being installed within our Enterprise. > > > > Basically I understand GIMP to operate at the > desktop... > > It is an application that receives > services from the OS > > > > ? what system ports (if any) are utilized by GIMP ? does the program > > traverse internet (80, 8080, 443 > etc ) > > ? are there any known vulnerabilities > > > > Appreciate your time and assistance. > > > > Thanks > > Rick > > > > > > _______________________________________________ > > Gimp-user mailing list > > Gimp-user@lists.XCF.Berkeley.EDU > > https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-user > > Gimp is an Open Source program that runs on MSWin, OS X and > > Linux. It is similar in purpose to Photoshop but does not produce CMYK > output, just RGB. > > To install Gimp you download it over the Internet. Please visit > http://www.gimp.org for details. > > > The user can click on the help facility and view the Gimp Manual in an > html viewer. Other than that there is no operational connection to the > internet. No ports are opened. It is a stand-alone local program. > > > > Gimp has been in use for many years on many systems in many shops. It > is not scary. > > I know of no vulnarabilities. But I operate on Linux where > > vulnerabilities are seldom an issue. _______________________________________________ Gimp-user mailing list Gimp-user@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-user _______________________________________________ Gimp-user mailing list Gimp-user@lists.XCF.Berkeley.EDU https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-user
