On Sun, 29 Mar 2015 22:49:00 +0200 frantisek holop wrote: > and i have no beef with the chroot patch. > it is in fact a nice addition, but it is not > part of nginx itself,
Why not? I think that is the real issue but perhaps upstream has refused on some odd basis? I don't use nginx but it seems more correct for OpenBSD to have the default chrooted port or not and if anything then a nochroot flavor, after all it should be secure by default and you may well notice as you have if it is chrooted but some... many? would not check if it wasn't and possibly assume that it was.