httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeffrey A. Stuart" <jstuart-apa...@neo.rr.com>
Subject RE: Flame bait: Apache-2.0 on Unix is almost unusable.
Date Fri, 26 Jan 2001 23:01:06 GMT
Why not?  IMHO Apache should set a good example as a net neighbor and
"force" a base system.  If that means for Linux, a recent kernel and a
recent version of glibc, so be it!  You are already requiring certain things
to be on the system... (IE a C compiler, etc)  So go a step further and
require a relatively secure system...

--
Jeff Stuart
jstuart@neo.rr.com

-----Original Message-----
From: rbb@covalent.net [mailto:rbb@covalent.net]
Sent: Friday, January 26, 2001 10:53 AM
To: Sascha Schumann
Cc: rbb@covalent.net; new-httpd@apache.org; Jeff Trawick
Subject: Re: Flame bait: Apache-2.0 on Unix is almost unusable.


> > Since (I believe) we were on a 2.2 kernel at the time, and an
> > up-to-date glibc (for that time), I would prefer if Apache
> > didn't just assume that everybody has upgraded.
>
>     If they did not upgrade, they are subject to many remote
>     attacks.  Those attacks can at least crash the whole system,
>     possibly allowing the attacker to take over the system.  I
>     think we should encourage people to use more recent software,
>     instead of continuing to support dangerous releases.  If
>     Apache 2.0 is installed on such a system and that system is
>     broken into, it might as well generate bad PR for Apache
>     (this happened recently to thttpd where compatibility was
>     rated higher than security).

IMHO, the apache group has no right to force somebody to upgrade their
OS.  There are many vulnerable platforms out there, and we can't take
responsability for forcing people to get off of them.

Ryan

____________________________________________________________________________
___
Ryan Bloom                              rbb@apache.org
406 29th St.
San Francisco, CA 94131
----------------------------------------------------------------------------
---


Mime
View raw message