[svlug] moin moin vs wiki

Chris Miller lordsauronthegreat at gmail.com
Fri Dec 29 16:04:21 PST 2006 

On 12/28/06, Rick Moen <rick at linuxmafia.com> wrote:
> Quoting Chris Miller (lordsauronthegreat at gmail.com):
>
> > Let me clarify.  When I say "roll my own" I mean literally make a new
> > Wiki system from the ground up custom tailored to exactly the role
> > SVLUG wants.
>
> Very cool.  It could be really nice, and I for one would be eager to see
> it.  At the same time, the sysadmin in me is cautious on one point.
> Well, two:

Yes, I know that no one is perfect, and my code won't be 100% secure.
However, I'm fairly certain I'm capable of producing a smaller, more
perfect solution to SVLUG's needs than a big umbrella-solution like
MoinMoin or Mediawiki.  Closest analogy: one size fits all shirts
work, but a custom-tailored one will work better.

> > It comes from the web design philosophy you taught me about avoiding
> > cookie-cutter, off the shelf solutions because they can be insecure.
> > My profession is programming, so getting down and dirty with PHP 5 and
> > MySQL doesn't scare me.  I can see it scaring other people, but it
> > doesn't scare me.  I know, I'm weird.
>
> It's definitely possible to do competent, well-architected applications
> using PHP -- despite the fact that it almost never occurs, despite the
> many unadvertised pitfalls, and despite some bad basic language design.

Totally agreed.  I'm actually pining to do some work with Java Tomcat
and see what that's all about.  I know Java almost inside and out by
now, so Tomcat might be an interesting thing for me.  But I don't have
the time yet.

> Far be it from me to argue with your choice of coding language, but I
> _would_ like to point out that several obvious alternatives exist
> without those problems:  Ruby (with or without Ruby on Rails), Python,
> even Perl.  (Note that "taint mode" improved Perl immensely as a Web
> programming tool.  Why the heck doesn't PHP have that?  It's scandalous.)

I do agree that PHP can be inherently insecure if not written
correctly.  My arguments against the languages you listed are all the
same:  I don't know <your language here.>  If you could pay for a
class that I could take, I'd love to go learn it (seriously) but right
now I'm focusing on teaching myself C++ (not easy) so PHP comes with
me for the moment.

> And the other thing is, of course, MySQL.  Nothing wrong with it as a
> database[1], but a number of wiki implementations (including but not
> limited to MoinMoin) have made the point that one doesn't _need_ that
> degree of extra complexity, except when you reach really high degrees of
> scaling.  (I.e., Wikipedia is big enough to actually need database
> backend storage; a LUG Web site is nowhere near needing it.)

I like to use MySQL for other things.  Data storage like whole wiki
pages?  No.  Stupid.  Get lost.  Holding the WHIRLPOOL password hashes
and emails of the SVLUG members?  Good idea.  Calendar items?  Good
idea.  Hypothetical voting system?  Hypothetically a good idea.  MySQL
is like a drug: you don't take it for everything.

> [1] Well, actually, there is, and you'd be _way_ better off starting
> with PostgreSQL for many purposes.  See:  "MySQL Gotchas" on
> http://linuxmafia.com/kb/Apps/ .  Yes, that hasn't been updated for 5.0,
> but you can determine for yourself that some aspects of MySQL are so
> basic that they haven't changed, and really couldn't without breaking
> existing code.

I just pick MySQL all the time because it's got really good
documentation and a lot of existing users I can annoy whenever I have
a problem.  I know PSQL is "better" than MySQL; I just pick the path
of least resistance if it's something that doesn't have terrible
ramifications.  Bottom line: MySQL works.  It's reasonably secure.
PHP works.  I'm reasonably secure with it.  Apache 2.0 works.  It's
reasonably secure (and Fedora won't let me use 1.3 without a gigantic
fight, so I just gave up.  Apache 2/1.3 is so transparent to a coder
like me that it's irrelevant for me to think about for too long,
anyway.)

-- 
==  ==  ==  Ƒ 5 |) 3 |/  ==  ==  ==
==    ( 0 |) 3    \|/ 4 |2 |2 | 0 |2    ==
==  ==  7 | |\| µ Ж    6 µ |2 µ  ==  ==

More information about the Svlug mailing list