Hello, Sorry to bother you with something more or less external to OpenBSD, however since I am settling a forum on my server and want to keep security high enough, please could you advise me about which forum shall be good enough according to you. For exemple, phpBB seems not good in terms of security and therefore will not be used. Regards JF
Not seen a good test, nor run one. But YaBB has been good to me in the past. --Sean Howard
I've heard good things about FluxBB and PunBB, but really you should consider using a mailing list instead of a server. -- Samuel Baldwin - logik.li
+1, mail list with archive it's always better than a forum.
Why is that better?
Yeah, really. Mailing lists are really really barebones. They are good for a suitably barebones community, but how do you go about implementing subforums, moderators, and so on? How do you integrate cute avatars and msn links? What if your users don't want to tie their email to the community but don't want to be bothered finding some free email provider to camp? For a lot of non-techie communities, forums are much easier. -Nick
Because you get to pick your UI, because all your mail as amalgamated into one mailbox where you can sort it yourself where there's no easy place for garbage "off-topic" discussion, because your mailbox is where messages can be threaded properly, because there are no avatars or forum stats or ranks or administrators or moderators to create politics, because they're low overhead and easy accessible, because low-traffic mailing lists still catch everyone's attention where a low-traffic forum will eventually be ignored by the users... so on and so forth. There's bound to be a bunch of sites or archived rants/debates about this. If it helps, compare your average forum goer with your average mailing list denizen. That alone should be enough... -- Samuel Baldwin - logik.li
I think you're being pretentious a little bit. A good usenet implementation is *closer* to a forum, which is what you want. But forums are a different (more dynamic) use case. With smaller entry barriers to large amounts of content. --Sean
The question was: "Does anyone know of a good secure Forum engine that runs well on OBSD." A debate of its merits vs a mailing list is a tad off topic and has nothing to do with OBSD. Thanks. On Sun, 11 Oct 2009 22:02 -0400, "Sean Howard" <firstname.lastname@example.org>
I will implement a forum because it is mean to be included as small lines in the end of some web pages for posting comments. Otherwise, if someone knows a secure comments system available either from package or from the web i'm interested. After some searches for few days, i've come to the point where I prefer not to implement anything rather than taking the ones I found either forum or comments scripts.
Something like Disqus is simple to integrate in a website, almost impossible to use to gain entry into *your* system (one possible definition of security - you'll need to be a bit more specific if that is not the one you had in mind), offers threading and e-mail notification of new comments, and so on and so forth. There are other players in this space, including at least IntenseDebate. I don't have too much experience with either system as a user, and none as a site owner/administrator. But they seem to suck less than I'd expect of a web-based option, and a mailing list is probably not the best place to comment on articles... Joachim
Hi, all other things aside: If you're on a mailing list, and the list is being shut down, you still get to keep your private mailing list archive, whereas, when the forum operator changes his forum software, or shuts down the forum, all past content is simply gone (or as good as). IOW, if you post to a forum, your content (what you submitted) essentially becomes theirs, and you don't even get to keep the pieces. Kind regards, --Toni++
Not true. Whenever I read an interesting forum post, I save the html file to my hard drive for future reference.
Yes and no... finding the "interesting forum post" needs to be done quickly, before disaster strikes, and it's much more hassle to save the web page in a way that can be read offline with ease and peace of mind (web bugs, broken style sheets, java script hell, IFRAMEs etc.pp., anyone?). With a mailing list, all of this happens "automatically", and then there are still MARC and GMANE. Kind regards, --Toni++ PS: I also try to save all interesting posts to my local disks, to be able to re-read these posts later, but it's still a PITA.
On Sun, Oct 11, 2009 at 9:17 PM, Samuel Baldwin Forum goers: kind of stupid, but friendly, or at least funny if they get into flamewars? Mailing list users: snotty and short with people? I think you misunderstand forums; have you ever even participated in one? Not needing to choose your UI is a feature, not a bug.
Yes, quite a few, and it drove me crazy and made my cynical. My favourite feature is having it all in one place, rather than having to keep track of a bunch of sites and monitor them; mailing lists all show up in my inbox and sort themselves. And I can do this with whatever mail client I like. -- Samuel Baldwin - logik.li
Hello, On Sun, 11 Oct 2009 13:13:00 -0400 I second on that one : FluxBB (which is based on PunBB) may be a good choice. It only includes what is really needed in a public web forum, and nothing else (for exemple, it does not includes a private messaging feature), so it is not as bloated as other forum engines might be, and it even works with PostgreSQL (by this I mean it is not limited to just MySQL...). But it's also somewhat hard to maintain from a sysadmin point of view. You have to modify the base source code by your own hands if you want to add some feature; the idea behind this is that you are forced to know what you do to add something that may be broken or insecure, so the community does not give you any patch nor automated process to modify the base source code. Regards, Maxime -- Maxime DERCHE GnuPG public key ID : 0x9A85C4C0 (fingerprint : 0FDC 16AF 5A5B 1908 786C 2B85 2D3C C83E 9A85 C4C0) http://www.mouet-mouet.net/maxime/blog/index.php
On Wed, Oct 14, 2009 at 10:06 AM, Maxime DERCHE <email@example.com> Something that really bugs me about web software is how they limit themselves to MySQL. I chose PunBB because it supported SQLite and had a solid module base, along with a builtin update manager. For OS forums, you could write support for your chosen DBMS into it and submit a patch. For closed source forums you're screwed. And if they really piss you off, you could always write your own. But yeah, I agree, OT. -- Aaron Mason - Programmer, open source addict - Oh, why does everything I whip leave me?
I presume you're talking primarily about bulletin boards. I know plenty of web developers that use PostgreSQL and SQLite. I think a better statement would be: "... how inexperienced web developers default to using MySQL because it has a lower barrier to entry, without considering if it's the right tool for the job or how to configure and secure it appropriately for Oh please don't. -- Jason Dixon DixonGroup Consulting http://www.dixongroup.net/
I was only stating the spirit of open source - if you don't like it, get your hands dirty and write your own. I've written my own forum -- Aaron Mason - Programmer, open source addict - Oh, why does everything I whip leave me?
Did you end up getting it right? (Sorry, I couldnt resist) paulm
Unfortunately SMF is not open source: http://www.simplemachines.org/about/opensource.php /Lars
|Greg Kroah-Hartman||[PATCH 01/75] platform: prefix MODALIAS with "platform:"|
|stephane eranian||Re: perf_counters issue with PERF_SAMPLE_GROUP|
|Mathieu Desnoyers||Re: Linux 2.6.25-rc2|
|Eric Sandeen||Re: [PATCH] xfs: do not pass unused params to xfs_flush_pages|
|Daniel Hazelton||Re: x86: 4kstacks default|
|Johannes Schindelin||[PATCH] fetch: refuse to fetch into the current branch in a non-bare repository|
|Junio C Hamano||Re: [PATCH] http-push: making HTTP push more robust and more user-friendly|
|Oliver Kullmann||Re: how to move with history?|
|Alex Riesen||Re: git exclude patterns for directory|
|Andreas Ericsson||Re: why not TortoiseGit|
|Andi Kleen||Re: RFC: Nagle latency tuning|
|Herbert Xu||Re: Oops in tun: bisected to Limit amount of queued packets per device|
|gregkh||Patch "IPv6: keep route for tentative address" has been added to the 2.6.34-stable...|
|Patrick McHardy||Re: [rfc 02/13] [RFC 02/13] netfilter: nf_conntrack_sip: Add callid parser|
|Krzysztof Oledzki||Re: Error: an inet prefix is expected rather than "0/0".|
|Linux Kernel Mailing List||sh: Fix compile error by operands(mov.l) in sh3/entry.S|
|Linux Kernel Mailing List||New device ID for sc92031 [1088:2031]|
|Linux Kernel Mailing List||tmpfs: depend on shmem|
|Linux Kernel Mailing List||drivers/acpi: use kasprintf|
|Linux Kernel Mailing List||Staging: et131x: prune all the debug code|
|Andres Salazar||About priorities in /etc/resolv.conf|
|Tonnerre LOMBARD||Re: bge0: watchdog timeout|
|ropers||Re: Real men don't attack straw men|
|Damien Miller||Re: Patching a SSH 'Weakness'|
|Tony Abernethy||Re: The Atheros story in much fewer words|