[sles-beta] php disappeared in beta6?

Wendy Palm wendy at cray.com
Thu May 15 07:58:36 MDT 2014 

We have many sites that are not connected to the internet due to security concerns.
All our systems are delivered and supported without direct network access.

I download all the security update rpms, package them together and provide them to our customers via a secure connection.
They load them onto a drive (or burn to cd/dvd) and transfer the files to the internal network to do the updates.

Unfortunately, one of our offerings does use php5, so requiring this registration and online access will inhibit our systems considerably.


> -----Original Message-----
> From: sles-beta-bounces at lists.suse.com [mailto:sles-beta-
> bounces at lists.suse.com] On Behalf Of Richard Brown
> Sent: Thursday, May 15, 2014 8:38 AM
> To: sles-beta at lists.suse.com
> Subject: Re: [sles-beta] php disappeared in beta6?
> 
> On Thu, 2014-05-15 at 12:23 +0000, Pieter Hollants wrote:
> > And as long as your next German flight's security is guaranteed by
> > months-taking software approval procedures, we need ISOs, not online
> > repos.
> 
> Possibly a naive question, but with such a software approval procedure
> how do you handle the deployment of software patches?
> 
> In high security environments, I totally understand the need to prevent
> servers from direct internet access, but surely you still need to apply
> patches to your servers? Isn't this even more important for web
> scripting languages like PHP, which are often a common vector for
> attack?
> 
> SUSE don't supply patches via ISOs, but provide SMT and SUSE Manager to
> give ways of getting those patches to internet-disconnected machines. It
> looks to me that Modules would slot into these two products in the same
> way that Patch sources do.
> 
> (as an aside, SLE 12 in my test environment is autodetecting nearby SMT
> and SUSE Manager servers and offering to register against them instead
> of SCC. I haven't tested this yet)
> 
> I see some benefit of being able to install PHP via an ISO, but after
> anything longer than a few weeks I'd be deathly concerned about putting
> it in production, as it would be unpatched and therefore most likely
> vulnerable.
> 
> Regards,
> 
> --
> -------------------------------------------------------------------
>   Richard Brown, QA Engineer
>   Phone +4991174053-361,  Fax +4991174053-483
>   SUSE LINUX Products GmbH,  Maxfeldstr. 5,  D-90409 Nuernberg
>   Geschaeftsfuehrer: Jeff Hawn, Jennifer Guild, Felix Imendoerffer,
>   HRB 16746 (AG Nuernberg)
> -------------------------------------------------------------------
> 
> 
> _______________________________________________
> sles-beta mailing list
> sles-beta at lists.suse.com
> http://lists.suse.com/mailman/listinfo/sles-beta

More information about the sles-beta mailing list