OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 25-Aug-2004 17:57:29
Branch: HEAD Handle: 2004082516572800
Added files:
openpkg-src/php php.ini
Modified files:
openpkg-src/php php.spec
Log:
Ok, until now nobody gave my a short, clean and reasonable secure
default PHP configuration, here is my home-brewn version. Keep in mind
that I'm not a PHP freak, so perhaps I totally misunderstood some
directives. Feel free to fix.
Summary:
Revision Changes Path
1.1 +15 -0 openpkg-src/php/php.ini
1.89 +4 -3 openpkg-src/php/php.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/php/php.ini
============================================================================
$ cvs diff -u -r0 -r1.1 php.ini
--- /dev/null 2004-08-25 17:57:28 +0200
+++ php.ini 2004-08-25 17:57:28 +0200
@@ -0,0 +1,15 @@
+;;
+;; php.ini -- PHP Configuration
+;;
+
+[PHP]
+register_globals = off ; Global variables are no longer registered for input
data
+safe_mode = on ; Enable Safe Mode (file UID comparisons)
+safe_mode_gid = off ; Whether to relax Safe Mode to file GID comparisons
+display_errors = off ; Errors will NOT be displayed
+log_errors = on ; Errors will be logged
+max_execution_time = 60 ; Maximum execution time of each script, in seconds
+max_input_time = 60 ; Maximum amount of time each script may spend parsing
request data
+memory_limit = 8M ; Maximum amount of memory a script may consume
+post_max_size = 8M ; Maximum amount of POST data accepted
+
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/php/php.spec
============================================================================
$ cvs diff -u -r1.88 -r1.89 php.spec
--- openpkg-src/php/php.spec 25 Jul 2004 09:39:57 -0000 1.88
+++ openpkg-src/php/php.spec 25 Aug 2004 15:57:28 -0000 1.89
@@ -38,7 +38,7 @@
Group: Language
License: PHP
Version: %{V_php}
-Release: 20040725
+Release: 20040825
# package options
%option with_bc no
@@ -102,6 +102,7 @@
# list of sources
Source0: http://static.php.net/www.php.net/distributions/php-%{V_php}.tar.gz
+Source1: php.ini
Patch0:
http://www.hardened-php.net/hardened-php-%{V_php}-%{V_php_hardened}.patch.gz
Patch1: php.patch
@@ -479,8 +480,8 @@
# install default configuration file
%{l_shtool} mkdir -f -p -m 755 \
$RPM_BUILD_ROOT%{l_prefix}/etc/php
- %{l_shtool} install -c -m 644 /dev/null \
- $RPM_BUILD_ROOT%{l_prefix}/etc/php/php.ini
+ %{l_shtool} install -c -m 644 \
+ %{SOURCE php.ini} $RPM_BUILD_ROOT%{l_prefix}/etc/php/
# strip down installation
strip $RPM_BUILD_ROOT%{l_prefix}/bin/* >/dev/null 2>&1 || true
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
