[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#402010: How to deal with #402010?


On Saturday 05 April 2008 11:26:14 am Cajus Pollmeier wrote:
> The problem is that these aspects are not packagable as some kind of
> "fire and forget" installation. I'd prefer the way Roland proposed,
> using some kind of

option 3 could work out of the box, though it just requires more initial setup 
work to get right in the packaging.  i'm not saying it's the Right Way, but 
it would provide the necessary compartmentalizing.

> RequestHeader set FooPassword very-secret-credentials

i suspect php users will still be able to find that out, in the same way that 
they can read ssl private keys from the webserver's memory (you *did* know 
they can do that, right? :)


Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to: