On Thursday 23 October 2008, Valentin Bud wrote:

> May i ask a question. Why do you use phpmyadmin from ports?

Mainly to keep life simple [1].

> It 
> installs lots of libraries hence possible security threats in the
> future.

Well this particular box is already loaded up with what many would 
regard as too much KDE bloatware so most of the libraries would already 
be there anyway.

> So instead of 
> taking care of updating a bunch of libraries just for phpmyadmin why
> don't you simply download it from http://www.phpmyadmin.net/, put in
> the apache doc
> root, set it up and so you have to take care to update it when a new
> version comes
> out.

Well, providing it works, I'm not too particular about always having the 
latest and greatest version but I do want to upgrade if there are any 
security fixes and portaudit running from cron does a far better job of 
spotting these than if I had to remember to check manually. It was the 
a vulnerability reported by portaudit 
<http://preview.tinyurl.com/5vkfw6> that prompted me to upgrade 
phpMyAdmin when I re-instated the web server on this box.

[1] There are times when this KISS approach falls down. An earlier 
portupgrade while I was still running php4 resulted in phpMyAdmin 
acquiring a dependency on php5, which it promptly installed alongside 
php4 creating quite a bit of chaos in the process.

Mike Clarke
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to