A question that I have yet to see answered about OS X Server...
Why would anybody want to use the server builtin features for some simple things like webserving, ftp, mail, etc? I can understand how nice the GUI is for Kerberos / LDAP / OD / Windows share stuff, but it's pretty darn simple to compile Apache / PHP / MySQL / Postfix (or MTA of choice). It seems to me that Apple's updates for these pieces of software are fairly slow, which would mean that the system is inherently less secure than it should be. I mean, take something like BIND - it's insecure in the 10.4.2 configuration (using BIND 9.2.2, rather than 9.3.0) -- but it also seems like it should be up to 9.3.0, since it is one of the top 3 SANS vulnerabilities!
Do people really just use OS X Server because it slaps a pretty GUI on everything? I'm planning on putting my MAMP / Postfix system offsite, in a data center that's about 30 minutes away. Whenever a new patch comes out, it will be difficult to go out there _every_ time, so I need to be able to update all my software *quickly* via the command line. In this case, should I just plan on turning off all of Apple's builtin packages, and running my own daemons via a compiled setup, perhaps located in /opt?
Does anyone have a compelling reason (outside of lack of knowledge / desire to spend effort) why they should put up with flawed daemon software, just to get a GUI?
Thanks,
Travis
Why would anybody want to use the server builtin features for some simple things like webserving, ftp, mail, etc? I can understand how nice the GUI is for Kerberos / LDAP / OD / Windows share stuff, but it's pretty darn simple to compile Apache / PHP / MySQL / Postfix (or MTA of choice). It seems to me that Apple's updates for these pieces of software are fairly slow, which would mean that the system is inherently less secure than it should be. I mean, take something like BIND - it's insecure in the 10.4.2 configuration (using BIND 9.2.2, rather than 9.3.0) -- but it also seems like it should be up to 9.3.0, since it is one of the top 3 SANS vulnerabilities!
Do people really just use OS X Server because it slaps a pretty GUI on everything? I'm planning on putting my MAMP / Postfix system offsite, in a data center that's about 30 minutes away. Whenever a new patch comes out, it will be difficult to go out there _every_ time, so I need to be able to update all my software *quickly* via the command line. In this case, should I just plan on turning off all of Apple's builtin packages, and running my own daemons via a compiled setup, perhaps located in /opt?
Does anyone have a compelling reason (outside of lack of knowledge / desire to spend effort) why they should put up with flawed daemon software, just to get a GUI?
Thanks,
Travis