Searching for a proper nagios replacement

Andreas Ericsson ae at op5.se
Thu Aug 13 13:30:13 CEST 2009


Alexander Wirt wrote:
> Andreas Ericsson schrieb am Thursday, den 13. August 2009:
> 
> Hi, 
> 
>>> now with the release of 3.2.0 and the stupiest decision ever - the move to a
>>> php frontend - I'm looking for a replacement. 
>>>
>>> It should be: 
>>>
>>> - compatible with nagios plugins
>> That would be Big Brother then, I guess.
>>
>>> - developed with security in mind. (yes that means no php)
>>>
>> Do you really think that coding web-applications in C is more secure than
>> writing them in PHP? What do you base that assumption on?
> The horrible history of php itself.

The horrible history of php, or the horrible history of php applications?

> The language is bad designed

This is an objective opinion. Please keep them away from serious technical
discussions.

> and the
> interpreter is full of bugs which leads to more security implications than
> most people could imagine. History also shows that the php devs are not able
> to handle their own bugs nor do they proper security management. After the
> last 2 breakins via php and php applications we decided to not use php
> anymore. 

Via php or via php applications? If you consider the history of bugs in C
applications that lead to remote code exploitation, I think you'll find that
php is quite secure. Ofcourse, a lot more fledgling programmers write code
in php, and they do not always have a single clue about security concerns.
That doesn't mean it's impossible to write secure php applications. It just
means you have to vet those applications before you actually trust them with
sensitive data, just as you would with a C program.


-- 
Andreas Ericsson                   andreas.ericsson at op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

Considering the successes of the wars on alcohol, poverty, drugs and
terror, I think we should give some serious thought to declaring war
on peace.

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july




More information about the Developers mailing list