On Tuesday 20 March 2007 11:11 am, Matt Ingenthron wrote:
> Agreed, and at some level or another, this project will just be
> packaging what the community around the given component develops, bug
> for bug complete. I suspect users will understand that already, though
> it doesn't obviate the need
On 3/20/07, Alan DuBoff <[EMAIL PROTECTED]> wrote:
When you say, "So I think we'll be upgrading and patching(once 11 comes out)
the web stack on a regular basis.", so you mean the community will need to
keep upgrading the package(s)? I'm not sure who "we'll" refers to.
In this particular case
Alan DuBoff wrote:
I'll watch to see what Alec might have to say, but in general this is going to
be one very high maintenance package, any way we look at it. We do need the
software, it just has a lot of strings attached from any perspective we look
at it, unless the software is just left vu
The sfwnv-discuss list might be a better venue for this discussion. Some of
the people subscribed there might not be subscribed here.
Eric
___
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
On Tuesday 20 March 2007 09:45 am, Matt Ingenthron wrote:
> It may also be interesting to see what, if anything, can be done about
> reducing privilege sets for this OpenSolaris Apache/PHP stack to at
> least reduce the possibility of nefarious activities if (when?) there is
> a vulnerability. My
On Tuesday 20 March 2007 06:16 am, Octave Orgeron wrote:
> Perl and PHP are often targeted on the internet. It's sad and
> unfortunate, but it's the reality of things. When I use to work for a
> web hosting company, we'd constantly have to deal with crackers and
> script kiddies hijacking customer
Stefan Teleman wrote:
I believe we should also Purify PHP. The problem is that Purify
probably won't work on Nevada, but we could build PHP on a release of
S10 they support, and it will still catch buffer overflows, ABR/ABW,
UMR, stack corruption, double deletion, etc.
Sun Studio's dbx check
Matt Ingenthron wrote:
It may also be interesting to see what, if anything, can be done about
reducing privilege sets for this OpenSolaris Apache/PHP stack to at
least reduce the possibility of nefarious activities if (when?) there is
a vulnerability. My colleague Alec Muffet may be able to l
Hi,
I support the idea of adding reduced privs to this stack to help
customers reduce the security issues that these tools expose by nature.
It's these kind of "value adds" that will differentiate our web stack.
Another aspect would be management. It would be nice to a tool to
manage a data center
Stefan Teleman wrote:
(snip...)
I believe we should also Purify PHP. The problem is that Purify
probably won't work on Nevada, but we could build PHP on a release of
S10 they support, and it will still catch buffer overflows, ABR/ABW,
UMR, stack corruption, double deletion, etc. We could the
Hi,
Perl and PHP are often targeted on the internet. It's sad and
unfortunate, but it's the reality of things. When I use to work for a
web hosting company, we'd constantly have to deal with crackers and
script kiddies hijacking customer websites. In many cases, poorly
written perl or php code was
On Tuesday 20 March 2007 02:07, Alan DuBoff wrote:
> On Monday 19 March 2007 07:37 pm, Stefan Teleman wrote:
> > http://www.php-security.org/
>
> This is scary...I think I'll go get a cold shower...;-)
>
> I have to wonder, much of the online forum software is written in
> PHP, and as such seems to
On Monday 19 March 2007 07:37 pm, Stefan Teleman wrote:
> http://www.php-security.org/
This is scary...I think I'll go get a cold shower...;-)
I have to wonder, much of the online forum software is written in PHP, and as
such seems to be vulnerable. How do people deal with sites that are based o
On Monday 19 March 2007 13:52, Octave Orgeron wrote:
> Hi,
>
> I think this is a great idea and will help developers and shops
> that depend on these tools. Of course the key issue I see is
> supportability. A lot of developers like to see the latest and
> greatest versions of these tools. However,
Hi,
I would like to point out that manageability should be part of any web
stack discussion - ask any ops guys who have had to actually deploy this
stuff. Managing it usually requires a great deal of customization as
current software does a poor job of dealing with it - except for ours,
of co
Hi,
I think this is a great idea and will help developers and shops that
depend on these tools. Of course the key issue I see is supportability.
A lot of developers like to see the latest and greatest versions of
these tools. However, that must be tempered with the requirement of
stability and sec
+1 from Me. Would be nice to see a Python-based framework included
(Django perhaps).
Also, the MySQL is a definite requirement. Calling MySQL a shoddy
product is pretty nasty and wrong-headed comment. I've got my own
gripes about Postgres, but lets just say I'd like to see both
included, and folk
Thanks, Stefan. You have seconds. I'll contact you offline to
get you set up.
On Thu, 15 Mar 2007, Stefan Teleman wrote:
Project Proposal: Next Generation Web Stack
Summary
We would like to create an OpenSolaris project to assume and enhance
the community and work originally created in Sun's C
Steering to OpenSolaris databases mailing-list...
http://mail.opensolaris.org/pipermail/databases-discuss/2007-March/thread.html#55
On Fri, 16 Mar 2007, [EMAIL PROTECTED] wrote:
On Fri, Mar 16, 2007 at 01:30:59AM -0700, UNIX admin wrote:
ditch the MySQL DB as fast as possible and replace it wi
> I disagree, put both Mysql and Postgres connectors
> in the package.
Actually, that's a pretty good idea.
Put both in, so those projects that explicitly depend on MySQL have "backward
compatibility" and others are free to use PostgreSQL as the backend for future
development.
This message p
On Fri, Mar 16, 2007 at 01:30:59AM -0700, UNIX admin wrote:
> ditch the MySQL DB as fast as possible and replace it with PostgreSQL.
> MySQL DB is an extremely shoddy product, besides, PostgreSQL is much easier
> to deploy and use.
PostgreSQL is included in standard distribution and I am sure Sun
> > Project Proposal: Next Generation Web Stack
> >
> > Summary
> >
> > We would like to create an OpenSolaris project to
> > assume and enhance
> > the community and work originally created in Sun's
> > CoolStack project
> > as part of the CoolTools project. This project
> will
> > assume all o
> Project Proposal: Next Generation Web Stack
>
> Summary
>
> We would like to create an OpenSolaris project to
> assume and enhance
> the community and work originally created in Sun's
> CoolStack project
> as part of the CoolTools project. This project will
> assume all of
> the CoolStack comp
23 matches
Mail list logo
