Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject: no Suhosin
PostPosted: Fri Jun 17, 2011 12:24 pm 
Offline
Senior Newbie

Joined: Fri Jun 17, 2011 12:20 pm
Posts: 13
Could someone be so kind as to suggest a distro that DOES NOT include Suhosin (PHP 5.3)? I know it is included with Ubuntu 10.x and believe it to be included with Ubuntu 9.x.

This add-on, patch, etc is causing problems with flash related applications and is a royal pain to remove. My attempts to remove it have not yet been successful and am considering moving to a different distribution.

Thank you for your thoughts and comments.


Top
   
 Post subject:
PostPosted: Fri Jun 17, 2011 1:05 pm 
Offline
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
I'm pretty sure the red hat derivatives (centos/fedora) don't use suhosin by default. Debian derivatives do. Not sure about arch/gentoo/slackware

What problems are you having with suhosin, if memory serves the debian php package only contains the patch which doesn't do much in the way of restricting things.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue


Top
   
 Post subject:
PostPosted: Fri Jun 17, 2011 1:15 pm 
Offline
Senior Newbie

Joined: Fri Jun 17, 2011 12:20 pm
Posts: 13
@obs Thank you for the fast reply.

I guess this leads me to one other question.

I have used Fedora in the past but am not familiar with CentOS. Could anyone comment as to substantial differences between them in respect to server configurations?

I am looking at a LAMP type configuration that is secure.
Apache2, MySQL and PHP 5.x (preferably 5.3).

Main focus is to host multiple websites that I have created via VirtualHosts options.

Thank you.


Top
   
 Post subject:
PostPosted: Fri Jun 17, 2011 1:28 pm 
Offline
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
centos = old and "stable" however it's versions of PHP are so old they're pretty useless (php 5.1) (roll on centos 6!)

fedora = new and "unstable" fedora has a short life cycle (see http://fedoraproject.org/wiki/LifeCycle ... _.28EOL.29)

Personally I wouldn't use either of them in a server system, if I had to use one I'd chose centos and get updated rpms from a 3rd party repo (see http://wiki.centos.org/AdditionalResources/Repositories), fedora's life cycle is too short IMHO to use as a server.

If I were you I'd try and resolve my issues with suhosin and stick with ubuntu/debian.

Alternatively you could try one of the other supported distros I don't know much about them but googling them will provide info on life cycle, php details etc, and someone else that uses them might chirp up here.

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue


Top
   
 Post subject:
PostPosted: Fri Jun 17, 2011 1:53 pm 
Offline
Senior Member

Joined: Thu May 21, 2009 3:19 am
Posts: 336
I don't know what Ubuntu is using and it may depend on your application, but the Suhosin patch that Debian uses doesn't cause any problems for a few flash based apps on my sites. One is a flash based uploader, the other is a slideshow.

I know that the full-on Suhosin binary does cause issues with a lot more than just flash based apps though. It's definitively a trade off of "let's make your server 'secure' but you can't do a whole lot of anything, have fun" type of "enhancement"


Top
   
 Post subject:
PostPosted: Sun Jun 19, 2011 9:38 am 
Offline
Senior Newbie

Joined: Thu Jun 02, 2011 12:00 pm
Posts: 18
I've CentOS with PHP 5.3, no Suhosin, no problems. On the CentOS website it highlights "php53 is available as a php replacement", I assume because there are no known issues.


Top
   
 Post subject:
PostPosted: Sun Jun 19, 2011 3:59 pm 
Offline

Joined: Sun Jun 19, 2011 3:58 pm
Posts: 1
Website: http://gionn.net
Location: Italy
You can try to enable suhosin simulation mode: http://www.hardened-php.net/suhosin/con ... simulation


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group