I feel your pain. I support CentOS systems, and one even older RHEL system. PHP 4.x was the installed version on THAT. Obviously, not good enough.
As Fabien says, Symfony 1.2 has real dependencies on PHP 5.2.x so that requirement will not be going away. As for what you should do next: Please do not "just compile PHP" and then forget all about it and get clobbered the next time a PHP security bug comes along and someone isn't paying close attention. This is the very, very good reason why there IS a big difference in security between RPMs from a professionally maintained distribution and building it from source yourself, folks. Sysadmins who don't want to compile stuff from source are sysadmins who know how messy things can get when you lose track of all that stuff you compiled from source. The responsible choices are: 1. You can switch to a distribution which provides maintained, debugged packages of PHP 5.2.x, such as Ubuntu, or perhaps Fedora which is much more CentOS-like (though not quite as fanatically secure due to its more cutting-edge nature). This is a great idea, but I gather your admin is reluctant. 2. Buy a Zend Core subscription. Zend will then take care of making sure you have the latest and greatest PHP updated and working on your existing system. If your admin is so concerned about security, then tear loose a check and go for Zend: http://www.zend.com/en/products/core/ 3. Make it part of your admin's job to follow the PHP new releases blog and immediately rebuild PHP whenever a new 5.2.x release comes out. This is the only responsible way to build PHP from source on a production site. There are RSS feeds here: http://www.php.net/ I follow the third approach. I was reluctant to do so because I have MANY things to do other than system administration and I value the fact that official OS packages retroactively backport security patches from newer releases (at least while your distribution is still supported). But PHP is important enough to me to be worth the additional time and effort. I am working with certain clients to make sure they ALSO follow such practices rather than just getting me to compile PHP 5.2.x as a one-off and then walk away. Which is as bad as installing an old release of WordPress and then walking away from your client and saying "oh gee" when they get hacked a year later. (: -- Tom Boutell www.punkave.com www.boutell.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "symfony users" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-users?hl=en -~----------~----~----~----~------~----~------~--~---
