From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JHQVU-0001pe-09 for garchives@archives.gentoo.org; Tue, 22 Jan 2008 21:18:08 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DB1E6E07A5; Tue, 22 Jan 2008 21:18:05 +0000 (UTC) Received: from creativecommunications.com (creativecommunications.com [65.17.124.162]) by pigeon.gentoo.org (Postfix) with ESMTP id C4D09E07A5 for ; Tue, 22 Jan 2008 21:18:05 +0000 (UTC) Received: from [192.168.1.178] (unknown [192.168.1.178]) by creativecommunications.com (Postfix) with ESMTP id B38C768C008 for ; Tue, 22 Jan 2008 15:18:05 -0600 (CST) Message-ID: <47965D8D.6000907@gentoo.org> Date: Tue, 22 Jan 2008 15:18:05 -0600 From: Andrew Gaffney User-Agent: Thunderbird 2.0.0.9 (X11/20071228) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] PHP4 References: <20080118110850.C41241@shell.bway.net> <47961632.5000000@foobar.lu> <479617AD.3040800@gentoo.org> <1201025554.5987.27.camel@localhost.localdomain> <4796382F.1060001@foobar.lu> <47963BC6.3030905@norm.lu> <1201029239.7553.13.camel@localhost.localdomain> <41195fb10801221118u5037b1bfl4da36148b4ed114b@mail.gmail.com> <4796470E.7040006@norm.lu> <4796506E.80204@foobar.lu> <1201036376.8508.3.camel@localhost.localdomain> In-Reply-To: <1201036376.8508.3.camel@localhost.localdomain> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 39020100-0d7f-49f5-bbdc-d7d88cc9aee3 X-Archives-Hash: 57d8efbc2497d632a736035c185304db Lindsay Haisley wrote: > On Tue, 2008-01-22 at 21:22 +0100, Yves Thommes wrote: >> if one of the sites on the >> server is compromised we can't gurantee the integrity of their >> data/website. > > It's far worse than this. If one of the sites on the server is > compromised then you can't guarantee the integrity of _any_ data/website > on that server. > > In the former case, it would be _their_ business decision, but this > really makes it yours. I was waiting for somebody to point this out. You continuing to run PHP4 on any of your servers makes *you* liable for damage to other customers' sites. Explain *that* to your management. That possibility should alone outweigh the cost of losing a few customers who don't want to migrate their stuff to PHP5. -- Andrew Gaffney http://dev.gentoo.org/~agaffney/ Gentoo Linux Developer Catalyst/Installer + x86 release coordinator -- gentoo-server@lists.gentoo.org mailing list