[pkg-lighttpd] Bug#600050: Bug#600050: /etc/lighttpd/conf-available/15-fastcgi-php.conf: fastcgi-php file missing a required directive

Arno Töll debian at toell.net
Thu Apr 7 13:26:31 UTC 2011 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07.04.2011 15:12, Olaf van der Spek wrote:
> I've been thinking about this issue. Your idea is fine, but for the
> fastcgi module there might be another solution: What about loading it
> by default (in lighttpd.conf)?

> I think a majority of users use the module.

I don't think you should draw conclusions for the majority of users
based on your personal taste. Indeed the majority of users chooses
Debian because of its minimalistic approach (read: You don't need to
throw away stuff and packages on a freshly installed system/package).

That said you shouldn't assume FastCGI is used by virtually everyone,
since Lighttpd makes an excellent httpd daemon for serving static
content for example (which is how I use it very much).

I admit it wouldn't be such an issue to disable FastCGI if you don't
need it, but on the other hand, why activate it unless really necessary?
Especially since FastCGI, as "door" to server side code execution /can/
be a security threat.

Don't get me wrong, I'm not offensed if you oppose about my patch, but I
think it solves the problem in a much cleaner way than assuming
something for some people for some use cases. Moreover it solves the
problem for people being too lazy reading manual pages, since all they
need to do is to activate the FastCGI handler they want and dependencies
resolve to other modules required to run that handler.

- -- 
with kind regards,
Arno Töll
GnuPG Key-ID: 0x8408D4C4
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJNnbuHAAoJELBdpXvEXpo9Qp4P/RbVhNPV5xOTJUmB0LXHhf9J
tD4A5oq6tSPxYU7AqvK7VP4eGForUcwXboTdVhEMQhom+S/Bm/qNYHr/ugEU+WJn
eHZRVlXNqmp5JCbWRWDn+OjDzbHO44UMG8agkrsFfpi0MRccTgWXkIHGDST2cyI9
7GD++UEnc2a6YatPS1MUhPmwl5hTwkCDkpz80E49eavTRHmEGqkWCyuP0ym5V6fR
2Nt/KGEh/NT+1sPYTMQKV8EpuUxn/sdwROPSZV4mPHn5IiBk9qH3x6W37ZVldN30
WSVjt6Kh6tEX33MUa72xRfJ7p3x+RVIqcSrRBBHWSH1SYiFYJJgLNQx1KVFtcrUf
K4G7kwt32GednOOp+Jq7z1O4/5FdGFuz9N8SpPbDDkNKKDaqeJP4i/yKMTy4XG6L
cJZNK8neUjYlOcmihUfimMUsMalTeq92jxCRR3Qw1dj4UhtkkiJR8u5gH8UcIU25
C7VsNnvyKIhCfWamt/oAQTNvOPXxnhdTSFGLbhn+rhWNQrw/UbuFYKfYzZstuBh6
sqHIaVb7CuhLilJl5Q9eFQHokPztSGZaUjaWfW3xBlhBXTN8nDhHfiZ0o8GSEpY+
xGqpq4i/VFbZkb6D8OpAjmibqObfwHZ1Ro/Csb/Ug9pdr3qLJeUnhSDf1/fFJC7O
ossQvUJxuyehMqtMGEdW
=DqDM
-----END PGP SIGNATURE-----

More information about the pkg-lighttpd-maintainers mailing list