On 10/15/12 2:53 AM, Reindl Harald wrote:
> any application which does not run years after 5.3 was released
> and also a long time after 5.4 is released can be considered as
> broken and insecure
>
> "requires a vey complex upgrade"
> so you do not upgrade the application and ignore security-issues?
get off that 'horse', it is an ass.
the upgrade path would be to recreate the website from scratch with a
different CMS, spending 100s of hours copying and reformatting old
pages. its a hobby site, it works as is and I have better things to do
with my time.
In this case, the security exposures are purely if you allow untrusted
users logins on this particular CMS. I limit authenticated user access
strictly to a few trusted users (web editors), there are no exposures.
from the perspective of an anonymous user, this particular website is
purely static. as the server hasn't been hacked or defaced in 5 years,
it appears my assumptions here are valid.
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
