Originally Posted by CarlAndr
It would like to know what he is safer to initiate the server, get all the sources codes and to compile or to the packages with apt-get direct?
I am often conflicted with this, as I really enjoy using vendor tested and supplied binaries, especially from MySQL. On the other hand, if you want to upgrade to a newer version and maintain the older version or if you have some non-standard build options/parameters not included in the base RPM, you may well want to approach building from source.
It comes down to a couple different options when wanting to install custom compiled software.
1. You can build from source and install, typically using the configure/make/make install paradigm.
2. You can install, in my case because I use RedHat, a source RPM and then modify it to reflect the paths and build options you want. Then you simply rebuild the RPM then install it. You can also have specific build RPMs of apache/php/mysql and others that you place into a system like apt-get or yum or up2date, really, they can be repositories of binaries that you have custom built and act as a means for a cenrtal build server, that comes in very handy if you have multiple machines.
Method 2 is nice if you have several machines, all with an identical builds/architectures and you like maintaining RPMs. Otherwise, if you prefer a very fine grained control to how you build and where you install the software, go with a custom compile.
There are certain distros of Unix/Linux that cater to the different preferences. A typical BSD system uses the ports system, which is an automated means for pulling down and compiling from source. While RPM based systems like RedHat/CentOS/Fedora use prebuilt binaries. I also know some folks that really like Gentoo Linux, as it has very nice controls for automating builds, but does them all in a BSD-style way.
As far as your question about "safer", I'd say that if you rely on a vendor for an RPM update for a security flaw, and don't have the means to patch and/or recompile and install again, it *may* be less secure, simply in that your boxes have compromised software hanging out there for less time than others.