On Tue, Mar 12, 2024 at 8:52 PM Michael Hekeler <mich...@hekeler.com> wrote:
> But please keep in mind that you have disabled chroot and this is not > recommended. > Maybe you want to consider to copy the needed files inside the chroot? > Or perhaps deploy mailman with something like gunicorn or uwsgi? > > Hi Michael, Thanks a lot for the suggestions and tips. It's a basic mailing list for few gaming discussions really, so escaping from chroot was not really that scary, at least in that case. OpenBSD, even unchrooted, is rock solid! No? :) After your suggestions, the latest httpd.conf is as follows; location "/" { block return 302 "/listinfo" } location "/icons/*" { root "/usr/local/lib/mailman/icons/" request strip 1 } location "/pipermail/*" { root "/var/spool/mailman/archives/public" request strip 1 } location "/*" { fastcgi socket "/var/www/run/slowcgi.sock" root "/usr/local/lib/mailman/cgi-bin" } my httpd.conf is much cleaner and simpler now, thanks to you guys all, it seems everything is all set now. Anything else I should pay attention to? Best, Mark.