rahul wrote: > > Hi, > Updated diffs are posted, please do review. > http://cr.opensolaris.org/~vrthra/6675431.modules/
*** usr/src/cmd/apache2/modules/Makefile.sfw - Don't duplicate hardcoding the apache version "2.2", get it from a common location (such as ../apache.build.env) *** usr/src/cmd/apache2/modules/security2.conf - What's the purpose of this entry? 58 SecRule REQUEST_URI "sfw" "deny" - For the rest of the content here, where does it come from? Is it a standard minimal mod_security config from the upstream distro or from elsewhere? *** usr/src/pkgdefs/SUNWapch22r-dtrace/prototype_com *** usr/src/pkgdefs/SUNWapch22r-fcgid/prototype_com *** usr/src/pkgdefs/SUNWapch22r-jk/prototype_com *** usr/src/pkgdefs/SUNWapch22r-security/prototype_com - All these suffer from the same problem, that all the conf files are read-only and non-editable. So users are not allowed to make any changes to the configuration? That can't be right. *** usr/src/pkgdefs/SUNWapch22r-dtrace/depend *** usr/src/pkgdefs/SUNWapch22r-fcgid/depend *** usr/src/pkgdefs/SUNWapch22r-jk/depend *** usr/src/pkgdefs/SUNWapch22r-security/depend - The depend files in sfw seem to always start with the default depend and add on any extra ones. Best to follow convention. -- Jyri J. Virkki - jyri.virkki at sun.com - Sun Microsystems
