From owner-freebsd-security Thu Jun 20 4:12:20 2002 Delivered-To: freebsd-security@freebsd.org Received: from aristotle.tamu.edu (Aristotle.tamu.edu [165.91.161.90]) by hub.freebsd.org (Postfix) with ESMTP id 3492737B401 for ; Thu, 20 Jun 2002 04:12:18 -0700 (PDT) Received: from aristotle.tamu.edu (localhost [127.0.0.1]) by aristotle.tamu.edu (8.12.3/8.12.3) with ESMTP id g5KBBq8t064689 for ; Thu, 20 Jun 2002 06:11:52 -0500 (CDT) (envelope-from rasmith@aristotle.tamu.edu) Message-Id: <200206201111.g5KBBq8t064689@aristotle.tamu.edu> To: freebsd-security@FreeBSD.ORG Subject: Re: Apache 1.3.26 port In-Reply-To: Message from "Jonathan Arnold" of "Thu, 20 Jun 2002 06:58:47 EDT." <200206200658470001.031DD337@mail.speakeasy.net> Mime-Version: 1.0 (generated by tm-edit 7.106) Content-Type: text/plain; charset=US-ASCII Date: Thu, 20 Jun 2002 06:11:52 -0500 From: Robin Smith Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Worth adding that the apache port will also overwrite cgi-bin.default; if you have /cgi-bin symlinked to that, you are also hosed. Though it's easy enough to notice this, I too don't see why this particular gotcha needs to be in the port. Why not just let the port create empty data and cgi-bin directories rather than symlinks? This is really off-topic for freebsd-security, but those of you who've lost web site content might want to look again. Robin Smith To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message