apache2 httpd 2.4.2 patch-httpd.conf.in
Bjarne D Mathiesen
macintosh at mathiesen.info
Fri Apr 27 18:21:05 PDT 2012
Ryan Schmidt wrote:
>> Now, as to the specifics from the Portfile:
>> # HFS can be case insensitive, so protect for this as in
>> # http://docs.info.apple.com/article.html?artnum=300422
>> patchfiles-append patch-httpd.conf.in-sensitive-files.diff
>> Is this patch still necessary ???
>
> You tell us! If equivalent changes have not been made in the apache source already, then yes the patch is still necessary to properly protect sensitive files on case-insensitive filesystems like OS X's default HFS+.
This patch is still necessary - wiht a little bit of editing it still
works as previously
--
Bjarne D Mathiesen
København N ; Danmark ; Europa
----------------------------------------------------------------------
denne besked er skrevet i et totalt M$-frit miljø
MacOS X 10.7.3 Lion ; 2.8GHz Intel Core i7 ; 16GB 1067MHz DDR3
-------------- next part --------------
--- docs/conf/httpd.conf.in 2007-12-21 05:43:00.000000000 -0600
+++ docs/conf/httpd.conf.in 2008-02-06 14:10:15.000000000 -0600
@@ -167,12 +167,18 @@
</IfModule>
#
-# The following lines prevent .htaccess and .htpasswd files from being
-# viewed by Web clients.
+# The following lines prevent .htaccess, .htpasswd and .DS_Store files and
+# Mac resource forks and named forks from being viewed by Web clients.
#
-<Files ".ht*">
+<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
Require all denied
</Files>
+<Files "rsrc">
+ Require all denied
+</Files>
+<DirectoryMatch ".*\.\.namedfork">
+ Require all denied
+</DirectoryMatch>
#
# ErrorLog: The location of the error log file.
More information about the macports-dev
mailing list