On 03/15/2012 03:44 AM, Frank Karlitschek wrote:
On 15.03.2012, at 00:47, Roland van Laar<[email protected]> wrote:
On 03/14/2012 01:49 PM, Frank Karlitschek wrote:
On 14.03.2012, at 01:46, Roland van Laar<[email protected]> wrote:
<snip>
If .htaccess files are not possible or a different webservers than apache is
used than it´s still safe to use ownCloud if the data directory is located
outside the htdocs folder. This is the recommended setup for our IIS, nginx,
lighttpd or other webserver users.
I agree that we should improve the checks during installation and show a proper
security warning to the user if the setup is not secure.
One of the main design goal of ownCloud is that is should run on as many
servers as possible without problems and don´t require manual configuration
from the user.
That's a good and noble goal, although the 'run everywhere' matra shouldn't
come before basic security
because private files that are accessible for the whole world is a bit of a
problem.
sure. But it is of course possible to setup ownCloud in a secure way as
described above.
Could you add more about this and security in the documentation,
especially on the Linux Server Installation page?
<snip>
There are a lot of areas in ownCloud where we need help.
If you need some inspiration you can have a look at:
http://owncloud.org/dev/junior-jobs/ or
http://bugs.owncloud.org/
Well I worked on bug 135 ;-).
Hehe. Yes. :-)
Not every bug that suggest a big design change is necessary a good idea of
course. :-)
It would be awesome if you would help us to improve ownCloud in other areas and
become a contributor.
OwnCloud is an interesting project that I would like to see become more and
more useful.
I already contributed some code and documentation :-).
And I would like to contribute more.
However I would like to see (a bit) more action by the current
maintainer/committers.
I made a merge request [4] and there hasn't been any action on it.
I also wrote and email about security [2] for the installation page [9]
because the default install on ubuntu is wide open and I haven't seen that
being picked up.
You are right of course. Sorry for the late reply.
I promisse to be more responsive in the future. :-)
Thnx,
Regards,
Roland van Laar
_______________________________________________
Owncloud mailing list
[email protected]
https://mail.kde.org/mailman/listinfo/owncloud
