http://www.openbsd.org/policy.html "Source code published under version 2 of the Apache license cannot be included into OpenBSD."
On 4/3/06, David B. <[EMAIL PROTECTED]> wrote: > > hi, I see 3.9 is getting ready to be released. Do you plan on bundling > Apache2 with it? it would seem a logical thing to do, since the Apache > version currently bundled with it seems to have problems. > > I just lost my entire development box to a hack this week, right through > smoothwall's DMZ. I had apache up, postgresql installed with the mod_php > as > the middleware. All settings were default and the only port I had open > was > 80 through smoothwall. I even had all packets dropped that came from > asia, > south america and africa. > > The point being, if you sell security as your market niche, you might want > to make sure that, at least, Apache be up to date, and not a version from > 5 > years ago where who knows how many hacks there are out there for it. > > I don't mind rebuilding my development box from scratch because that's why > I > had it on the net like that anyway, simply to see how long it would take > for > someone to crash it. It took less than a month - that's not very good > from > a default security viewpoint. > > I'm assuming of course that Apache is the problem, as there are no logs or > anyway to tell what happened, but the hard drive started to make an awful > screaching sound as the drive was apparently being forced to track the > heads > back and forth very quickly. The drive is fine, but apache and postgresql > won't start, and the wtmp file was erased, so that when I did a 'last' > only > my most recent login came up. > > Anyway, it would be nice if Apache 2 were available for 3.9 > > -- Julien Cabillot
