>
> I'm absolutely agree with Rich and Bill.
> I'll take a look at Eric's patch and try to cobble something together
> that will might fulfill the purpose.
>
And here it is. Very spectacular indeed;)
The next sensible thing would be to move AllowOverride and Options in
directory context - i.e.: The only place where they actually make sense.
o/~
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: [email protected]
URL: http://brainsware.org/
Index: docs/manual/mod/core.xml
===================================================================
--- docs/manual/mod/core.xml (revision 1036686)
+++ docs/manual/mod/core.xml (working copy)
@@ -2948,7 +2948,7 @@
directory</description>
<syntax>Options
[+|-]<var>option</var> [[+|-]<var>option</var>] ...</syntax>
-<default>Options All</default>
+<default>Options FollowSymLinks</default>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context><context>.htaccess</context>
</contextlist>
Index: server/core.c
===================================================================
--- server/core.c (revision 1036686)
+++ server/core.c (working copy)
@@ -114,7 +114,7 @@
/* conf->r and conf->d[_*] are initialized by dirsection() or left NULL */
- conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_ALL;
+ conf->opts = dir ? OPT_UNSET : OPT_UNSET|OPT_SYM_LINKS;
conf->opts_add = conf->opts_remove = OPT_NONE;
conf->override = OR_UNSET|OR_NONE;
conf->override_opts = OPT_UNSET | OPT_ALL | OPT_SYM_OWNER | OPT_MULTI;
Index: CHANGES
===================================================================
--- CHANGES (revision 1036686)
+++ CHANGES (working copy)
@@ -34,6 +34,11 @@
*) core: In the absence of any AllowOverride directives, the default is now
"None" instead of "All". PR49823 [Eric Covener]
+ *) core: In the absence of any Options directives, the default is now
+ "FollowSymlinks" instead of "All". This is analogous to the above,
+ and matches our default httpd.conf.in, as well as the security document.
+ [Igor GaliÄ]
+
*) mod_proxy: Don't allow ProxyPass or ProxyPassReverse in
<Directory> or <Files>. PR47765 [Eric Covener]
