[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: 3.9 coming out



http://www.openbsd.org/policy.html
"Source code published under version 2 of the Apache license cannot be
included into OpenBSD."

On 4/3/06, David B. <incomex_(_at_)_hotmail_(_dot_)_com> wrote:
>
> hi, I see 3.9 is getting ready to be released.  Do you plan on bundling
> Apache2 with it?  it would seem a logical thing to do, since the Apache
> version currently bundled with it seems to have problems.
>
> I just lost my entire development box to a hack this week, right through
> smoothwall's DMZ. I had apache up, postgresql installed with the mod_php
> as
> the middleware.  All settings were default and the only port I had open
> was
> 80 through smoothwall.  I even had all packets dropped that came from
> asia,
> south america and africa.
>
> The point being, if you sell security as your market niche, you might want
> to make sure that, at least, Apache be up to date, and not a version from
> 5
> years ago where who knows how many hacks there are out there for it.
>
> I don't mind rebuilding my development box from scratch because that's why
> I
> had it on the net like that anyway, simply to see how long it would take
> for
> someone to crash it.  It took less than a month - that's not very good
> from
> a default security viewpoint.
>
> I'm assuming of course that Apache is the problem, as there are no logs or
> anyway to tell what happened, but the hard drive started to make an awful
> screaching sound as the drive was apparently being forced to track the
> heads
> back and forth very quickly.  The drive is fine, but apache and postgresql
> won't start, and the wtmp file was erased, so that when I did a 'last'
> only
> my most recent login came up.
>
> Anyway, it would be nice if Apache 2 were available for 3.9
>
>


--
Julien Cabillot



Visit your host, monkey.org