[MacPorts] #38461: Port request: apache_mod_hfs_apple
MacPorts
noreply at macports.org
Mon Sep 9 19:35:49 PDT 2013
#38461: Port request: apache_mod_hfs_apple
-----------------------------------+--------------------------------
Reporter: egall@… | Owner: macports-tickets@…
Type: request | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.1.3
Resolution: | Keywords:
Port: apache_mod_hfs_apple |
-----------------------------------+--------------------------------
Comment (by mp@…):
A Portfile for **mod_hfs_apple** is now available in
attachment:mod_hfs_apple-portfile-20130910
The current version is 14, which means it is based on the module source in
http://opensource.apple.com/source/apache_mod_hfs_apple/apache_mod_hfs_apple-14/
, which solves the vulnerability in apache2 with HFS, where the __source__
of .php files is served by apache2 instead of being evaluated.
So, http://localhost/index.p%E2%80%8Chp now doesn't reveal the source of
index.php, as shown in ticket:38452
(and http://packetstormsecurity.com/files/120820/Apple-Security-Advisory-2013-03-14-1.html).
Since I'm only running Tiger at the moment, that is what it is tested on,
but it should work on any OS X version.
Even though I'm quite pleased with the solution - where
activation/deactivation is completely controlled by the `port` command -
comments and any possible improvements are most welcome.
-----
As it is now, upon installation/activation of the port,
{{{
LoadModule hfs_apple_module modules/mod_hfs_apple.so
}}}
is automagically added to the apache configuration file, and apache2
gracefully restarted.\\
`(post-activate: apxs -e -a)`
If the port is deactivated, the module is first commented out in the
apache2 configuration file,
apache2 restarted gracefully, and then the module is removed.\\
`(pre-deactivate: apxs -e -A)`
--
Ticket URL: <https://trac.macports.org/ticket/38461#comment:7>
MacPorts <http://www.macports.org/>
Ports system for OS X
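
An added detection example, not part of the ticket comment above or of the port: it scans Apache access-log lines for request paths like the one in the comment, where percent-encoded characters that HFS+ ignores hide a handled extension from the server. The set of ignored code points beyond U+200C, the `.php` handler list, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumption: code points HFS+ ignores when comparing names (per Apple TN1150);
# the comment above only demonstrates U+200C (%E2%80%8C).
IGNORABLE = re.compile("[\u200c-\u200f\u202a-\u202e\u206a-\u206f\ufeff]")
# Assumption: extensions this server hands to an interpreter.
HANDLED_EXT = (".php",)
# Request line of a Common/Combined Log Format entry.
REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')


def check_request_path(raw_target):
    """Return (flagged, name_as_seen_by_filesystem) for a raw request target."""
    decoded = unquote(raw_target.split("?", 1)[0], errors="replace")
    cleaned = IGNORABLE.sub("", decoded)
    # Flag when the handler's extension match fails on the literal name
    # but the filesystem would still open a handled file.
    flagged = (cleaned.lower().endswith(HANDLED_EXT)
               and not decoded.lower().endswith(HANDLED_EXT))
    return flagged, cleaned


def scan(lines):
    """Return (line_number, raw_target, resolved_name) for each flagged entry."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if not match:
            continue
        flagged, cleaned = check_request_path(match.group(1))
        if flagged:
            findings.append((number, match.group(1), cleaned))
    return findings


# Constructed sample log lines (not taken from a real server).
SAMPLE_LOG = [
    '127.0.0.1 - - [09/Sep/2013:19:30:01 -0700] "GET /index.php HTTP/1.1" 200 512',
    '127.0.0.1 - - [09/Sep/2013:19:30:07 -0700] "GET /index.p%E2%80%8Chp HTTP/1.1" 200 2048',
    '127.0.0.1 - - [09/Sep/2013:19:30:09 -0700] "GET /caf%C3%A9.html HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for number, raw, cleaned in scan(SAMPLE_LOG):
        print(f"line {number}: {raw} resolves to {cleaned} on HFS+")
```

A flagged entry with a 200 status on a server without mod_hfs_apple loaded is worth checking for disclosed source; with the module active the same requests should no longer return the file.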