On 3/9/06, Karanbir Singh mail-lists@karan.org wrote:
consider this -> there are a lot of apps that require and are bound to the python version distributed within centos itself. An updated python will almost never make it into any of the centos repositories. if you really really need an updated python, look at the pyvault repo. And remember, you will move a significant number of system components from centos away to pyvault's repo. Your upgrade path and security fix patch for these pkgs and components will also no longer be centos.
I did not consider this. CentOS was a delibrate choice as it offered a tested system. Now, requirement of Plone is getting me to upgrade to Python 2.4
My question is: - Pyvault Repo - as the repository is offering the latest Python, the focus must be on introducing the latest software, it would become vulnerable to untested bugs, just as Fedora would be?
- Regarding Leonel's suggestion of installing a second copy of Python into /opt from source & zope/plone into the same...what security risk would I be inviting? I don't want to compromise the entire machine, as it would be on the web & prone to at least the automated probe based attacks, assuming I am not important enuff to be attacked for my own sake.
- I am currently experimenting with Xen. Would moving the machine to a Xen Kernel build & using the standard Centos version for mail & web in one dom and the newer python with zope/plone on second, be a better security model? I am assuming Xen based kernel won't introduce any new vulnerabilities into the Centos...am I correct?
- Or should I get a seperate machine for the Plone CMS altogether, though it would be a waste of resources, because both machines will have little load for at the very least a year.
- Can anyone suggest a Distro, that is has latest python but has a slower release schedule than Fedora & is solid from the point of view of releasing only stable versions of softwares. I want to consider this as an option for a seperate Plone machine.
-OR can anyone suggest a CMS that works with postgreSQL and offers a full workflow model like plone & is as versatile. I would not mind replacing proposed installation plone & remain with Centos, if I can find something as good. I already don't like Plone's half-heated support of postgreSQL and its trying to invent its own web-server instead of using apache, which is rock-solid.
Please comment.
With regards. Sanjay.