Re: [cobalt-developers] RaQ replacements

[Michael Stauber <devel@xxxxxxxxxxxxxx>]

Hi John,

> What about moving some of the older RaQ4rs to Linux servers using Ensim
> control panels?

I worked a little with Ensim and Plesk boxes and from my security minded 
perespective there is one crucial problem:

You take a basic linux installation (RedHat, Debian, or whatever you prefer) 
and put the control panel on top of it. Plesk then installs its own mailer 
daemon, own web server, it's own MySQL and so on.

Now what do you do in regards to security updates? Sure, Plesk provides 
security patches for all the software it brings aboard. But updating the 
underlying OS is up to you.

On a RedHat box you then need to be really careful with "up2date" when you 
fetch your patches for the OS. Or you risk that your Plesk installation (or 
parts of it) might get toasted once you install needed RedHat updates.

All the Plesk boxes I've seen so far had horrible security leaks half a year 
down the road, because the underlying OS was either never updated, or not 
updated properly. 

An interesting alternative (aside from the Qbalt project) could be EnGarde 
Secure Linux:

http://store.guardiandigital.com/html/eng/products/software/esp_overview.shtml

I'll be trying it out within the next two weeks, but I like their security 
minded approach. However, the price tag on it is almost as impressive as the 
feature list.

-- 

With best regards,

Michael Stauber