Re: New module proposal: gnome-user-share

Le vendredi 24 octobre 2008 à 12:53 -0400, David Zeuthen a écrit :
> As I said, it's clear to me that Apache does meet our goals here. If you
> want to propose something else, the burden is on you to provide evidence
> that what you propose is not only reasonably secure, but also have good
> processes in place for dealing with vulnerabilities.

The last times it happened, it seemed to me that lighttpd developers
have good processes when it comes to security.

One other thing to consider wrt. security is the code size, and apache
binaries are about twice as large.

There are of course other advantages with using lighttpd, such as less
memory footprint, better performance and a much more flexible
configuration scheme; it may not be necessary for gnome-user-share, but
it’s much less error-prone and that’s another possible cause of bugs.

Contrary to what the name suggest, lighttpd is not just a lightweight
web server, it is a powerful and complete implementation used by some of
the biggest websites.

> (FWIW, I don't mean to belittle libsoup-as-a-server (my understanding is
> that libsoup is mostly used as a client so that's where the focus is)

Currently, the only HTTP-serving application we ship by default with
GNOME in Debian is rhythmbox, and it uses libsoup. Just like with other
things, we’d like to avoid multiplying the implementations. The simple,
GObject-oriented API makes it a very good candidate for other
desktop-oriented applications; the issue at hand is DAV support.

: :' :      We are Lower your prices, surrender your code.
`. `'       We will add your hardware and software distinctiveness to
  `-        our own. Resistance is futile.

Attachment: signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]