Re: New debconf template for webfs.
Dear Justin B Rye,
fredag den 27 juni 2014 klockan 23:09 skrev Justin B Rye detta:
>
> (730376 = the switch of default docroot to /var/www/html, 727803 =
> complications in defaults for directory indexing.)
>
> [...]
> > Template: webfsd/web_root
>
> Unchanged apart from the l10n-proof path, so it probably just needs to
> be defuzzed or whatever the word is.
Reasonable!
> > Template: webfsd/web_index
> > Type: string
> > _Description: Directory index filename:
> > If webfsd receives a request for a directory, it can optionally look for an
> > index file to be sent to the client. Common names are "index.html" and
> > "default.html".
> > .
> > If you leave this field empty, an implicit index file will never be
> > delivered as the result of a request for a directory. Instead,
> > webfsd can construct a directory listing for any requested directory.
> > However, the server will send the listing to the client only if this
> > action has not been disabled using the command line switch '-j'.
> > Add this switch as an extra option for best secrecy.
>
> (The second paragraph used to be just "If you leave this field empty,
> webfsd will send a directory listing to the client.")
>
> Also, it introduces generated listings as if they're only relevant
> when there's no defined index filename; but that's not right - you
> also get them if a particular directory happens not to contain a file
> of that name! (Unless of course you've disabled them, in which case
> presumably it just gives something errorlike).
A very keen observation.
> Third, I'm not keen on "best secrecy" (as if web servers existed to
> help me prevent files being distributed). And it doesn't want me to
> add the switch *here*! Do they go in web_extras?
Good point; yes they do.
> After a couple of cycles of clarifying then squeezing I get this:
>
> Template: webfsd/web_index
> Type: string
> _Description: Directory index filename:
> If webfsd receives a request for a directory, it can optionally look for an
> index file to send to the client. Common names are "index.html" and
> "default.html". If you leave this field empty, webfsd will never treat any
> files as indexes for directories.
Better: ... , webfsd will never treat any file as index of a directory.
(I thought "indices" to be the correct plural form.)
> In the absence of an index, webfsd will normally construct a listing for
> any requested directory. However, if you consider automatic directory
> listings a security risk they can be disabled by adding the server option
> '-j' in '/etc/webfsd.conf'.
>
> Is that still saying what we want it to say?
We would want to express that '-j' can go into the variable 'web_extras'
in the configuration file, or equally well be incorporated at the later
debconf question 'webfsd/web_extras'. Unfortunately, at least in the ncurses
interface, the debconf questions are not named or otherwise made distinct.
My wording would thus comes to this:
Template: webfsd/web_index
Type: string
_Description: Directory index filename:
If webfsd receives a request for a directory, it can optionally look for an
index file to send to the client. Common names are "index.html" and
"default.html". If you leave this field empty, webfsd will never treat any
file as index of a directory.
.
In the absence of an index, webfsd will normally construct a listing for
any requested directory. However, if you consider an automatic directory
listing to present a security risk, then this can be disabled by adding
the server option '-j' to the variable 'web_extras' in '/etc/webfsd.conf'.
By the way, is the switch from quotation characters to apostrophes
worthy our attention?
Further corrections are welcome! Regards,
Mats E Andersson
Reply to: