Date: Tue, 27 Apr 2004 03:04:54 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Brooks Davis <brooks@one-eyed-alien.net> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: If you're bored during the freeze Message-ID: <20040427100454.GA62551@xor.obsecurity.org> In-Reply-To: <20040427090425.GA21675@Odin.AC.HMC.Edu> References: <20040424011249.GA20496@xor.obsecurity.org> <20040427090425.GA21675@Odin.AC.HMC.Edu>
next in thread | previous in thread | raw e-mail | index | archive | help
--Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Apr 27, 2004 at 02:04:26AM -0700, Brooks Davis wrote: > On Fri, Apr 23, 2004 at 06:12:49PM -0700, Kris Kennaway wrote: > > I'm probably going to add /usr/local/www to BSD.local.dist so it > > becomes a "system" directory. >=20 > This sounds like a good idea to me. One related issue is ports that > intall under /usr/local/www/data/<subdir>. I've seen quite a few PHP > ports that do that and it's a bad idea since that directory may or may > not be a link to data.dist. I've moved my PHP ports to use > /usr/local/www/<subdir> and to have a pkg-message that shows an apache > <Alias> directive to add that to the web hierachy as /<subdir>/. Yes, nothing should install under data/ since that's where a live website usually lives, and it's Very Bad for ports to install themselves so they immediately show up there [1] Kris [1] e.g. some ports have insecure default settings; they may change the website behaviour; overwrite existing files, etc. --Nq2Wo0NMKNjxTN9z Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAjjBFWry0BWjoQKURAklzAKC40S+MxApoyy0pCzAeJg+mamE9tQCfaJj/ CPsG2XoTT8XPBvc8VOR+tjY= =/2j5 -----END PGP SIGNATURE----- --Nq2Wo0NMKNjxTN9z--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040427100454.GA62551>