From owner-freebsd-security  Thu Jun 20  5: 3: 7 2002
Delivered-To: freebsd-security@freebsd.org
Received: from tomts8-srv.bellnexxia.net (tomts8.bellnexxia.net [209.226.175.52])
	by hub.freebsd.org (Postfix) with ESMTP
	id C074437B409; Thu, 20 Jun 2002 05:03:02 -0700 (PDT)
Received: from localhost ([65.95.162.21]) by tomts8-srv.bellnexxia.net
          (InterMail vM.5.01.04.19 201-253-122-122-119-20020516) with ESMTP
          id <20020620120257.PFCO14183.tomts8-srv.bellnexxia.net@localhost>;
          Thu, 20 Jun 2002 08:02:57 -0400
Date: Thu, 20 Jun 2002 08:03:01 -0400
Subject: Re: Apache 1.3.26 port
Content-Type: text/plain; charset=US-ASCII; format=flowed
Mime-Version: 1.0 (Apple Message framework v482)
Cc: freebsd-ports@freebsd.org
To: freebsd-security@FreeBSD.ORG
From: Bryan Fullerton <bryanf@samurai.com>
In-Reply-To: <20020620113115.GA73571@starjuice.net>
Message-Id: <AB28EF78-8445-11D6-A5AC-0003936377F0@samurai.com>
Content-Transfer-Encoding: 7bit
X-Mailer: Apple Mail (2.482)
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


On Thursday, June 20, 2002, at 07:31 AM, Sheldon Hearn wrote:

> Is it because people are replacing the contents of data.default with
> their own content and leaving the symlink in place?

It's because the port does things significantly differently than 
installing from the distribution tarball and doesn't explain what it's 
doing. In this case, patching the Makefile.tmpl to include lines that do 
a rm -rf of the *.default directories.

Regardless, this seems more a -ports issue than a -security issue.

> If so, then the problem has to do with the fact that folks aren't using
> the symlinks and .defaults directories as intended.  I think the
> intention was always for the operator to replace the symlink with either
> a directory or a symlink to the directory containing local content.

That the intention isn't clear indicates that this needs clarification. 
That people have lost data indicates that the documentation is 
incomplete.

Bryan


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message