Peter Tribble wrote: > On 10/30/07, Sriram Natarajan <Sriram.Natarajan at sun.com> wrote: > >> Hi >> Our current PHP integration in Open Solaris does not automatically add >> / load the PHP5 module within Apache. Now, this requires developers to >> manually load this PHP5 module within Apache. I am sure every one agrees >> that users prefer to have PHP5 integrated automatically rather than >> users have to do it manually. >> > > If by "integrate" you mean "enable in the configuration file" then > definitely not. > I would absolutely expect that even if the module was installed that it would > be > disabled and would have to be explicitly enabled by an administrator. > > This is what secure by default is all about. >
Can you be more specific regarding the known security issues there? We are trying to make SXDE developer friendly (D is for Developer), and are trying to avoid as much as possible extra configuration for the SAMP stack... Anyway, the apache service will not be enable by default, so a 'user' action would be required there (as root or any other privileged user to start apache)... Again, we are talking about SXDE...Maybe the default setting for Solaris 11, 12 etc would be different, but we need a good "D"eveloper experience for SXDE, so that applications can be developed there without advanced knowledge of Solaris, SMF, privileges, RBACs, etc... Thanks, Ludo
