[mapserver-dev] Tile Access API
Stephen Woodbridge
woodbri at swoodbridge.com
Thu Apr 17 15:30:44 EDT 2008
Christopher Schmidt wrote:
> On Thu, Apr 17, 2008 at 02:02:12PM -0500, Stephen Woodbridge wrote:
>> I have to agree with Daniel on this. This is exactly the issue about
>> package dependencies that I was griping about on my GDAL packaging
>> thread. IT sysadmins do not know the technology, they do not care, they
>> just want to minimize the risk, minimize the changes, etc. They are not
>> always enlightened and get cranky if something breaks and they have to
>> get up at 3am to fix it. They want the packages to be updated and and
>> not break when they update other system packages for security reasons.
>> So adding a caching utility to mapserver would not be a bad thing and I
>> would use it for sure.
>
> Er, this makes no sense to me.
>
> "We want only software which is tested, widely used, widely deployed,
> and has been thoroughly vetted: so we should create a new software
> package and use that."
>
> MapServer may have 'brand name trust': I accept that. But to claim that
> the creation of a new utility, and shoving it into MapServer's 'home',
> is somehow more secure than using another, existing, tool, is simply
> (imho) foolishness. Now, it's the kind of foolishness that IT
> departments are *great* at, so I'm not claiming that it doesn't happen:
> simply that it doesn't make sense.
>
> Regards,
No one said IT was smart, look at the blind trust of .NET code. ;)
But seriously, having a small purposed C application is easier to vet,
if only emotionally, than loading 20+ additional packages and worrying
about how each of them is configured from a security point of view.
-Steve
More information about the mapserver-dev
mailing list