[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#340947: apache2-common: standard path to virtual host document roots under /var/www?

Package: apache2-common
Severity: wishlist


suexec's default configuration forces cgi-scripts to be in /var/www,
even for virtual hosts. otoh, /etc/apache2/sites-available/default has
a quite liberal access policy and would allow access to
/var/www/www.foo.example/htdocs via the default virtual host, which
might not be desireable.

Please consider having a default definition for a "virtual host
directory" like /var/www/virtual-hosts, which has "deny from all" set
in /etc/apache2/sites-available/default in the package version of the

        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
                # This directive allows us to have apache2's default start page
                # in /apache2-default/, but still have / go to the right place
                RedirectMatch ^/$ /apache2-default/

        <Directory /var/www/virtual-hosts>
                Order allow,deny
                deny from all

Then, /var/www/virtual-hosts/www.foo.example could be used as document
root for a virtual host without having it accessible from the default
virtual host, and suexec could be used.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)

Reply to: