On Tue, Mar 12, 2024 at 8:52 PM Michael Hekeler <mich...@hekeler.com> wrote:
> But please keep in mind that you have disabled chroot and this is not
> recommended.
> Maybe you want to consider to copy the needed files inside the chroot?
> Or perhaps deploy mailman with something like gunicorn or uwsgi?
>
>
Hi Michael,
Thanks a lot for the suggestions and tips.
It's a basic mailing list for few gaming discussions really,
so escaping from chroot was not really that scary, at least in that case.
OpenBSD, even unchrooted, is rock solid! No? :)
After your suggestions, the latest httpd.conf is as follows;
location "/" {
block return 302 "/listinfo"
}
location "/icons/*" {
root "/usr/local/lib/mailman/icons/"
request strip 1
}
location "/pipermail/*" {
root "/var/spool/mailman/archives/public"
request strip 1
}
location "/*" {
fastcgi socket "/var/www/run/slowcgi.sock"
root "/usr/local/lib/mailman/cgi-bin"
}
my httpd.conf is much cleaner and simpler now, thanks to you guys all,
it seems everything is all set now.
Anything else I should pay attention to?
Best,
Mark.
