Skip to main content

I set up my own friendica instance for testing + potentially developing addons to propose to @Ben Weinstein-Raun . (Main experience: surprisingly large amounts of "this is broken, why doesn't it log anything anywhere?")

I've been away from PHP for a long time and had forgotten how normal it is that you put your code in all the folders that your webserver is configured to send to your clients, and you have to make some of the folders writable by the webserver or it won't work. I can kind of imagine lots of PHP-native people being like "sure, that makes sense" but it sounds so insane to me. How many security compromises would never have happened if someone early in PHP's development demanded better filesystem-level separation of code and data, and demanded that the places you could write to and the places you ran code from weren't the same places?

@Ben Weinstein-Raun
in reply to Ben Millwood

Ben Millwood
Ben Millwood
also @Ben Weinstein-Raun would you care if I packaged friendica for NixOS? I'm guessing no, but I've been enjoying packaging things recently so I thought I might as well ask (I think it's reasonably likely that I'll do it for myself, but if you care then I'll do it faster, and talk to you about what options would be useful etc.)
@Ben Weinstein-Raun
This entry was edited (2 weeks ago)
in reply to Ben Millwood

Ben Weinstein-Raun
Ben Weinstein-Raun
I probably wouldn't; this instance is running a copy of the official docker container and I think I won't want to switch to something else