Re: Bug#23661: usr/doc should not be accessible through http servers by default
Hi,
Though trying to provide the equivalent of /etc/hosts.{allow,deny}
for services not controlled by tcp wrappers and inetd is laudable,
this specific case could easily be addressed by a simple change in
the default access.conf (this is apache specific, I am sure other
servers have equivalent mechanisms). This is what my access.conf
snippet for /usr/share/doc looks like:
<Directory /usr/share/doc>
Options Indexes FollowSymLinks
AllowOverride None
order deny,allow
deny from all
allow from localhost
allow from .green-gryphon.com
</Directory>
Voila. Best of both worlds.
Should this not just be a bug report agasinst all servers,
rather than being mandated by policy?
manoj
>>"Raul" == Raul Miller <moth@debian.org> writes:
Raul> My guess is that debconf could be pressed into service, here. For woody,
Raul> it would be nice to have a whole category of optional questions related to
Raul> "do you want this exported or not". Share some initial leading question
Raul> or three, so that people can choose whether they want this level of detail
Raul> at config time, and then leave the rest up to package implementation.
--
Real wealth can only increase. Buckminster Fuller
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: