What is wrong with using the ports/packages system? Why do people keep asking to replace x with y in base?
Whenever something is ready for base it'll happen. Until then you are saying: "you idiots don't know what you are doing because you are using x instead of y". Nice start to get a discussion going that will go absolutely nowhere. If you think x is superior by all means use it. It's in ports for crying out loud. USE IT. On Fri, Dec 07, 2007 at 10:10:58AM -0300, Andr?s wrote: > Here is two messages from Hugo Leisink (Hiawatha developer). You'll > note that the first has a newer date than the later, that's because I > delete it, and I asked Hugo to send it to me again :P > > Thought that his words could be useful. > > Greetings. > > ---------- Forwarded message ---------- > From: Hugo Leisink <[EMAIL PROTECTED]> > Date: Dec 7, 2007 10:02 AM > Subject: Re: Hiawatha > To: Andris <[EMAIL PROTECTED]> > > > > Andris wrote: > > Could you please send your first e-mail to me again? I forgot to save > > it to forward it later :P > > > > Greetings. > > > Sure, here it is: > > > Hi Andres, > > I saw your post about Hiawatha in OpenBSD. I'd like to respond to the > remarks about "Hiawatha's source code is free of security-bugs" on the > Hiawatha website. > > First of all, you have to take a look at the webserver market. You use > Apache, IIS, Lighttpd or you don't use anything at all. If you want > people to use your software, you have to 'beat Goliath'. People use > Apache, because everybody else does, even when Apache is the worse fit > for their purposes. I think Hiawatha has become a really good webserver. > It's faster then Apache, is more secure then Apache and definitly more > easy to configure then Apache. But people don't use it because 'it ain't > Apache'. So, to draw people's attention and to make them at least try > Hiawatha once, I have to make 'dangerous' statements like 'free of > security bugs'. > > Second, the reponses to your message are typical for the OpenBSD > community. It's like they own the word 'security'. Only OpenBSD is > secure, the rest is not. But I guess I don't have to remind you about > http://pwnie-awards.org/winners.html#lamestvendor Yes, Hiawatha has had > bugs too. And guess what, Hiawatha will have bugs in the future. But > none of the found bugs could have been used to take over the webserver > or deface websites. And unless someone proves me wrong, my claim that > "Hiawatha is the most secure webserver" stands. > > greetings, > Hugo > > ---------- Forwarded message ---------- > From: Hugo Leisink <[EMAIL PROTECTED]> > Date: Dec 7, 2007 4:33 AM > Subject: Re: Hiawatha > To: Andris <[EMAIL PROTECTED]> > > > Hi Andres > > Hi, thanks for the comments. I have two questions for you: > > > > 1. Would you let me forward this to [EMAIL PROTECTED] > > > I have no problems with that, but I think there will be enough OpenBSD > people not able to have a fair discussion about it (especially after my > second remark). > > > 2. Would you relicense Hiawatha? > > > I will never abandon the GPL license. So if it's possible for a piece of > software to have two licenses, I'm not negative towards using the BSD > license for Hiawatha. But of course, I first have to think about the > consequenses before actually doing so. > > > Even if OpenBSD does not prefer Hiawatha, a project goal still stands: > > "We strive to make our software robust and secure, and encourage > > companies to use whichever pieces they want to." > > > > And, IMHO, it applies to any project which seeks security. > > > I agree. And I think the OpenBSD project has done some really good jobs. > But it's the we-are-untouchable attitude of too many OpenBSD people that > keeps me away from it. I've had some discussions with OpenBSD people > before and too many of them weren't very pleasant. If someone finds a > bad thing in Hiawatha or has some good points about how things can be > done better, I'm the first one to say he's right. But if someone starts > saying that "Hiawatha is insecure and sucks because my coding style > doesn't match his" then the discussion is over for me. And let's be > honest, critizing a piece of software by only looking at it's project > website and not having the guts to even look at the source code, THAT is > 'sheer stupidity'. > > > So, yes, I'm willing to talk again with the OpenBSD community. And if > they choose Hiawatha, I will be very proud. And if they don't, I will > try to improve Hiawatha until they do like it. BUT.... not if words like > 'sucks', 'crap' and 'sheer stupidity' are being used. So, it's up to the > OpenBSD community. > > greetings, > Hugo
