[pkg-horde] Bug#312360: horde3: Here is a proposed configuration
Lionel Elie Mamane
lionel at mamane.lu
Wed Aug 23 22:06:08 UTC 2006
On Wed, Aug 23, 2006 at 10:17:42AM +0200, Ola Lundqvist wrote:
> I suggest to add this to the README.Debian file. We already have the
> alias part there as far as I can remember.
We already have everything in the README.Debian:
(...)in particular, you need the following to apply to the
/usr/share/horde3/ hierarchy:
Options FollowSymLinks
AllowOverride Limit
For the webserver you also need to tell where your horde3 installation
is. This done by adding an alias to the apache configuration like
this:
Alias /horde3 /usr/share/horde3
> On Wed, Aug 23, 2006 at 07:21:01AM +0200, Lionel Elie Mamane wrote:
>> On Tue, Aug 22, 2006 at 11:42:08AM -0400, Roberto C. Sanchez wrote:
>>> On Tue, Aug 22, 2006 at 03:53:28PM +0200, Jerome Warnier wrote:
>>>> Please put the attached file as /etc/horde/horde3/apache.conf and
>>>> link to it from /etc/apache/conf.d and /etc/apache2/conf.d. It will
>>>> work out-of-the-box and make everybody happy.
>>>> Alias /horde3 "/usr/share/horde3/"
>>>> <Directory "/usr/share/horde3">
>>>> Options Indexes MultiViews FollowSymLinks
>>>> AllowOverride None
>>>> Order allow,deny
>>>> Allow From all
>>>> </Directory>
>> If we put something automatically, I'd rather put:
>> Alias ...
>> <Directory "/usr/share/horde3">
>> Options FollowSymLinks
>> AllowOverride Limit
>> Order ...
>> </Directory>
>>> NO!!!!!
>>> Are you crazy? I would not want an application which relies on
>>> authentication to the system to be accessible over a clear-text
>>> protocol my default. That is a decision that must be made by the
>>> system administrator.
>> It is not *that* bad... By default (in non-configured state) horde
>> does not rely on authentication to the system. Just anybody can
>> access the configuration interface without authentication. :-) So,
>> when the administrator configures reliance on authentication, he
>> can also change the Apache-Horde config to require TLS/SSL.
>> My worry is more the upgrades. People already have a working config,
>> we drop the default config in addition to that, hell breaks loose. If
>> we can manage to do the "link to it" part only on new installs, not
>> upgrades, I'd feel better about it.
--
Lionel
More information about the pkg-horde-hackers
mailing list