Andrew Molitor wrote:
> Here's a simple quick question, the answer to which will vary
> from person to person. Why do you want the source for your security tools?
> Do you actually have time to do a proper inspection of the code? Is
> it because documentation is always terrible, and if you have the source, you
> can at least fall back on it? Is it so you can tinker with it? Some other
All of the above, plus lack of faith that sufficient vendor support
personnel exist (for any vendor) to rapidly handle _all_ their
customers sites at once in the event of a widespread problem. If your
site can't wait for the vendor to fix it, then you should require
source code for it.
Richard Murkland (407)796-5249
Pratt & Whitney, West Palm Beach, Fl
My opinions are my own, not necessarily shared by Pratt & Whitney.