1 |
On Mon, 4 Jan 2016 01:26:28 +0100 |
2 |
Sebastian Pipping <sping@g.o> wrote: |
3 |
|
4 |
> Hi! |
5 |
> |
6 |
> |
7 |
> Better late then never. Posting 72 hours from now the earliest as |
8 |
> advised by GLEP 42. Feedback welcome as usual. |
9 |
> |
10 |
> |
11 |
> =========================================================== |
12 |
> Title: Apache "-D PHP5" needs update to "-D PHP" |
13 |
> Author: Sebastian Pipping <sping@g.o> |
14 |
> Content-Type: text/plain |
15 |
> Posted: 2016-01-04 |
16 |
> Revision: 1 |
17 |
> News-Item-Format: 1.0 |
18 |
> Display-If-Installed: app-eselect/eselect-php[apache2] |
19 |
> |
20 |
> With >=app-eselect/eselect-php-0.8.1, to enable PHP support |
21 |
> for Apache 2.x file /etc/conf.d/apache2 no longer |
22 |
|
23 |
... 2.x, the file ... |
24 |
|
25 |
> needs to read |
26 |
|
27 |
=> should no longer read |
28 |
|
29 |
> |
30 |
> APACHE2_OPTS="......... -D PHP5" |
31 |
> |
32 |
> but |
33 |
> |
34 |
> APACHE2_OPTS="......... -D PHP" |
35 |
> |
36 |
> , i.e. without "5" at the end. This change is related to |
37 |
|
38 |
instead, i.e. ... |
39 |
|
40 |
> unification in context of the advent of PHP 7.x. |
41 |
|
42 |
Vague. |
43 |
|
44 |
> With that change, guard "<IfDefine PHP>" in file |
45 |
> /etc/apache2/modules.d/70_mod_php.conf |
46 |
> has a chance to actually pull in PHP support. |
47 |
|
48 |
We'd like to be pretty certain that PHP application server is going to |
49 |
"actually" do that. |
50 |
|
51 |
> Without updating APACHE2_OPTS, websites could end up serving |
52 |
> PHP code (include configuration files with passwords) |
53 |
> unprocessed to website visitors! |
54 |
|
55 |
That would mean there is an additional (local) security problem. |
56 |
|
57 |
|
58 |
|
59 |
jer |