On Mon, May 04, 2009 at 13:01:10 +0200, Patryk Zawadzki wrote:
> Do we keep %config files in publicly accessible dirs? If we do, we
> should be shot. And then shot again.
I don't know if we do now, but we might (remember that packages were
kept entirely in /home/services/httpd some time ago, I doubt every
single one got moved). Can you guarantee that no one has such leftovers?
Moreover, the situation as before is the de facto standard, so there might be
people having their own code which may be altered. So I see DEsecurity
here[*] with no gain at all.
Following this way we should take 01_mod_authz_host.conf and change:
<FilesMatch "^\.ht">
to:
<Files *.htaccess>
[*] security means filter as much as possible; in this case it's "don't
expose as much as possible" - so the change would be acceptable along
with filtering access to every *.php*.* (maybe with *~ and *.rpm{save,new}).
--
Tomasz Pala <[email protected]>
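Added example, not part of the original message: a small check of which file names each pattern quoted above would cover, run over constructed sample names. It assumes Python's fnmatch is a close enough stand-in for the wildcard matching of <Files>, and the {save,new} braces from the footnote are expanded by hand.

```python
import fnmatch
import re

# Patterns quoted in the message.
HT_REGEX = re.compile(r"^\.ht")   # <FilesMatch "^\.ht">
HT_GLOB = "*.htaccess"            # <Files *.htaccess>
# Footnote globs; {save,new} expanded by hand (assumption of this example).
EXTRA_GLOBS = ["*.php*.*", "*~", "*.rpmsave", "*.rpmnew"]

# Constructed sample names: leftovers a docroot might still contain.
SAMPLES = [
    ".htaccess", ".htpasswd", ".htgroup",
    "index.php", "config.php", "config.php.bak", "config.php~",
    "config.php.rpmsave", "settings.conf.rpmnew",
]


def classify(name):
    """Report which of the three pattern sets would deny this file name."""
    return {
        "ht_regex": bool(HT_REGEX.search(name)),
        "ht_glob": fnmatch.fnmatchcase(name, HT_GLOB),
        "extra": any(fnmatch.fnmatchcase(name, g) for g in EXTRA_GLOBS),
    }


def lost_by_narrowing(names):
    """Names the regex denies but the narrower glob would start serving."""
    return [n for n in names
            if classify(n)["ht_regex"] and not classify(n)["ht_glob"]]


def still_served(names):
    """Names that none of the patterns deny."""
    return [n for n in names if not any(classify(n).values())]


if __name__ == "__main__":
    for n in SAMPLES:
        print(f"{n:24} {classify(n)}")
    print("lost by narrowing:", lost_by_narrowing(SAMPLES))
    print("still served:     ", still_served(SAMPLES))
```

Editor backups and rpm leftovers of PHP files are no longer handled as PHP by name, which is why the footnote's extra patterns matter: without them such a file would be sent as plain text.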