Re: concerns about Salsa
- Date: Mon, 11 Jun 2018 18:02:29 +1000
- From: Dmitry Smirnov <onlyjob@xxxxxxxxxx>
- Subject: Re: concerns about Salsa
On Friday, 8 June 2018 12:11:49 PM AEST Paul Wise wrote: > In my experience the Wordpress upstream auto-upgrade system is > typically faster than the Debian's handling of Wordpress. I also get > the impression that the number of CVEs (let alone all security issues) > is scaling faster than the amount of folks in Debian who are handling > them. I have some positive experience of looking after production Wordpress instance installed from Debian packages in a corporate environment. I'm quite happy with rate of Wordpress updates in Debian but more importantly packaged Wordpress have some interesting advantages: 1) Wordpress core is under package management control, not writable by web server. That eliminates one major security flaw so Wordpress can not update itself. Installing from packages helps to have better control over installed software. 2) Wordpress staff is usually somewhat under-qualified offshore people who can not touch Wordpress core as they have no rights to do so (no access). 3) Packaged wordpress helped to circumvent silly corporate security policy blocking outgoing HTTP requests as we were upgrading packages through package proxy (apt-cacher-ng). -- All the best, Dmitry Smirnov. --- The great enemy of the truth is very often not the lie -- deliberate, contrived and dishonest, but the myth, persistent, persuasive, and unrealistic. Belief in myths allows the comfort of opinion without the discomfort of thought. -- John F Kennedy
Description: This is a digitally signed message part.