[Pkg-apache-commits] [SCM] Debian packaging for apache2 (Apache HTTPD 2.x) branch, next, updated. 6767aa5aad234e71a23ca86b2ecf22d5903e86f2

[Arno Töll]

The following commit has been merged in the next branch:
commit 6767aa5aad234e71a23ca86b2ecf22d5903e86f2
Author: Arno Töll <arno at debian.org>
Date:   Sat Apr 14 23:26:47 2012 +0200

    Explain our security model

diff --git a/debian/config-dir/apache2.conf b/debian/config-dir/apache2.conf
index 2aa3e2c..3c9b2a2 100644
--- a/debian/config-dir/apache2.conf
+++ b/debian/config-dir/apache2.conf
@@ -138,18 +138,32 @@ ErrorLog ${APACHE_LOG_DIR}/error.log
 #
 LogLevel warn
 
+# Include module configuration:
+IncludeOptional mods-enabled/*.load
+IncludeOptional mods-enabled/*.conf
+
+# Include list of ports to listen on
+Include ports.conf
+
+
+# Sets the default security model of the Apache2 HTTPD server. It does
+# not allow access to the root filesystem except of /usr/share and
+# /var/www. The former is used by web applications packaged in Debian,
+# the latter may be used for local directories served by the web server.
 
-# XXX: Add comments
 DocumentRoot /var/www
+
 <Directory />
     Options FollowSymLinks
     AllowOverride None
     Require all denied
 </Directory>
+
 <Directory /usr/share>
     AllowOverride None
     Require all granted
 </Directory>
+
 <Directory /var/www/>
     Options Indexes FollowSymLinks
     AllowOverride None
@@ -157,14 +171,7 @@ DocumentRoot /var/www
 </Directory>
 
 
-# Include module configuration:
-IncludeOptional mods-enabled/*.load
-IncludeOptional mods-enabled/*.conf
 
-# Include list of ports to listen on
-Include ports.conf
-
-#
 # AccessFileName: The name of the file to look for in each directory
 # for additional configuration directives.  See also the AllowOverride
 # directive.

-- 
Debian packaging for apache2 (Apache HTTPD 2.x)