CAcert System Admins discussion list

[Guillaume ROMAGNY <guillaume AT cacert.org>]

Hello,


Le 02/02/2011 12:59, Wytze van der Raay a écrit :

>> Or if this does not work we should go for some kind of
>> > virtualized environment where a full distribution is running, so it can
>> > be easily upraded with the tools of the used linux distribution...
> Currently the effort is to keep as few tools/libs/stuff around in the
> chroot environment, to give as little rope as possible to a successful
> intruder. Running a full distro in there would defeat that purpose ...

We have good habits for years now. So my guess is we need to stick to it
and move slowly and carefully. We have coped with critical php bugs in
the past.

We have limited but reliable critical team resources. So I am following
their pieces of advice with care.

But yes, we would need to move forward one day... but software team
projects never went very far so we deal we what we have. note : recently
www.cacert.org is faster than in the past which is nice.

Kind regards,

Guillaume

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature