[CentOS] centos 5 and php53

John R Pierce pierce at hogranch.com
Mon Oct 15 13:32:02 EDT 2012


On 10/15/12 2:53 AM, Reindl Harald wrote:
> any application which does not run years after 5.3 was released
> and also a long time after 5.4 is released can be considered as
> broken and insecure
>
> "requires a vey complex upgrade"
> so you do not upgrade the application and ignore security-issues?

get off that 'horse', it is an ass.

the upgrade path would be to recreate the website from scratch with a 
different CMS, spending 100s of hours copying and reformatting old 
pages.   its a hobby site, it works as is and I have better things to do 
with my time.

In this case, the security exposures are purely if you allow untrusted 
users logins on this particular CMS.  I limit authenticated user access 
strictly to a few trusted users (web editors), there are no exposures.   
from the perspective of an anonymous user, this particular website is 
purely static.   as the server hasn't been hacked or defaced in 5 years, 
it appears my assumptions here are valid.





-- 
john r pierce                            N 37, W 122
santa cruz ca                         mid-left coast



More information about the CentOS mailing list