[php-maint] Bug#685340: php5-common: provide one /etc/apache2/conf.d/php5.conf for all SAPIs

[Christoph Anton Mitterer]

Package: php5-common
Version: 5.4.4-4
Severity: wishlist


Hi Ondrej.

Sorry for not having had this idea earlier, it just came to me last night (and Marco d'Itri
came up with the same at d-d, too).

The suggestions is that php5-common ships a /etc/apache2/conf.d/php5.conf, which defines
the necessary handlers and/or MIME-types.


This would have the advantages:
- All SAPIs share the same config, thus no surprises.
- No longer the need for manually configuring Apache with respect to PHP when using CGI/FCGI
- We can largely drop the special section about CGI from README.Debian



I personally, would strongly recommend AGAINST also having the Action/ScriptAlias directive there;
admins or package maintainers should place them in the <Directory> definitions where this
is needed.
It's simply unclean and even dangerous to enable interpreation of PHP files server-wide, as
it's now done by mod_php packages.
If we stop doing this, we need however likley changes in many other Debian packages,
which now trusted on that global activation.
So this is rather a goal for jessie.


My suggestion for such a php5.conf would again be the version from #674205:
-------------------------------------------------------------
#Note: The following is a security measure to remove any possible mappings that would also apply on “middle extensions” (for example “test.php.png”).
RemoveType php
<Files ?*.php>
        AddType application/x-php php
</Files>
-------------------------------------------------------------
Repeatedly for all the extensions you want to be included.

The discussion of why <Files> is better than <FilesMatch> (how even that could be optimised) and about
RemoveType can be found there, so no need to cite this again here.


Cheers,
Chris.