Re: PGP verifyable Squid code

From: Michael Samuel <[email protected]>
Date: Tue, 9 Jun 1998 14:44:43 +1000 (EST)

On Mon, 8 Jun 1998, Alex Rousskov wrote:

> > But, how can you trust the real Squid anyway?
>
> Huh?

Well, if you're going to be paranoid about middle-man attacks, why not be
paranoid about the squid authors grabbing your /etc/passwd and sending it
off to the squid authors?

Ok, it's a bit far-fetched, but it is a good habit to browse through the
sources to look for anything strange, as well as looking at any patches
that you add in to your squid source tree.

Isn't that one of the main points of why open-source software is so good?

Michael Samuel,

Surf-Net City - Internet Cafe and Internet Service Providers
Phone: +61 3 9593-9977
E-Mail: <michael@surfdirect.com.au>
WWW: http://www.surfnetcity.com.au/~michael/
Received on Mon Jun 08 1998 - 20:46:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:40:39 MST