On Thu, Sep 30, 1999 at 07:31:00PM +0100, Marco Budde wrote: > Ok, you#re right. But the classic http daemons (cern for example) used/use > chroot() for security reasons. You#re right, the current apache package > supports symlinks, but will all users use apache? Will all users use > FollowSymLink (a dangerous feature?). Is a http daemon broken, because it > doesn#t follow these symlinks?
(1) If the daemon can serve /usr/anything when the docroot is /var/www chroot() is not happening. (2) Did you completely miss my post which pointed out that the >>server<< does not have to follow symlinks? You can construct the index page ahead of time. -- Raul