On Wed, Jan 07, 2009 at 12:45:26PM +0100, Willem van Engen wrote: > Package: suphp > Version: 0.6.2-1+etch0 > > At compilation of suphp one of three security modes is selected as > described in: > http://www.suphp.org/DocumentationView.html?file=INSTALL > The current Debian package uses --with-setid-mode="owner" . While this > is convenient to get going right away, users of the paranoid mode are > left in the cold and have to compile their own package: using the > suPHP_UserGroup directive in the apache config results in an error > message when starting apache: "Invalid command 'suPHP_UserGroup', > perhaps misspelled or defined by a module not included in the server > configuration". > > The suPHP documentation specifically mentions that paranoid is the > preferred mode. Could an additional package please be created that is > compiled in the paranoid mode? > As a bonus it would be a good idea to mention something about this in > the package's README. >
I had already some (not mutch) complains about the default mode (this was the default in 0.5 and so stayed up to now). I didn't had the idea of creating another package to provide different modes, thanks :) I will look at this as soon as possible. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org