[horde] cache question
Niels Dettenbach
nd at syndicat.com
Mon Feb 7 10:18:23 UTC 2011
Am Samstag 05 Februar 2011, 00:05:25 schrieb Michael M Slusarz:
> These are PHP opcode cachers not Horde cache backends. They have
> nothing to do with horde (although they are useful to speed up ANY PHP
> based script).
I was a little bit unclear here, sorry for that.
Hordes config options (as admin panel) offered eAccelerator (up to ver 0.9.5)
as one option as a "horde cache backend driver". Beside opcode caching we did
not used / acticated any / many of the further of the available caching
options (i.e. data / runtime vars) horde offers byself as we want to avoid any
thinkable / experienced inconsistencies (i.e. within user sessions etc.) at
the cost of a possible performance hit. But this is just our practice fitting
our former or current needs...
> There are no security flaws in memcached that I am aware of.
http://seclists.org/bugtraq/2009/Aug/55
http://seclists.org/bugtraq/2009/Aug/123
http://www.cvedetails.com/cve/CVE-2010-1152/
(but these afaik was solved today)
> It is why a memcache server should NEVER be on a
> publicly accessible network.
Binding memcached on a local iface is clear byself (as that a net of memcache
servers [ideally] should run within somekind of a dedicated network).
> Besides
> the fact that it has NO AUTHENTICATION whatsoever. But that is a
> feature, not a flaw.
There are many thinkable and real situations / constellations (i.e. multi-user
/ multi-application scenarios) where memcached (especially older and unpatched
versions) is not suitable as it is not secure enough against i.e. access from
another local user / application (this is why there are several more or less
useful patches around for memcached). This is why we run memcached in a few
scenarios only.
But - as i told - my experiences within the couple memcached / horde are a few
monthes / years and not all of my informations related to memcache are
up2date.
Sorry for the noise...
cheers,
Niels.
--
---
Niels Dettenbach
---
Syndicat IT&Internet
http://www.syndicat.com
T.-Muentzer.-Str. 2, 37308 Heilbad Heiligenstadt - DE
---
Kryptoinfo:
PGP public key ID 651CA20D
Fingerprint: 55E0 4DCD B04C 4A49 1586 88AE 54DC 4465 651C A20D
https://syndicat.com/pub_key.asc
---
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.horde.org/archives/horde/attachments/20110207/338104e0/attachment.bin>
More information about the horde
mailing list