Hi Ludwig,
The latter is certainly wrong as the web server allows full access to those files by default then. IMO /srv/www/ is also the wrong location. Just put the files in /usr/share/NAME or /usr/lib/NAME like any other non-web application would do it. Ever thought /usr/share/NAME is for files "shared" to other apps, isn't it. For me a "webapp" should have its files in /srv/www/NAME.
Proper packages have their program code in a read only location and config files in /etc/. I don't understand why web stuff should be any different there even though sloppy programming seems to be more common in that area. agreed.
We have a policy to not enable daemons by default to avoid accidentally wide open systems. That's a good practice for any kind of service IMO. Unfortunately we lack infrastucture and tools to manage web apps properly. A tool like chkconfig that also understands virtualhosts etc would be nice, wouldn't it? :-) Yes, I agree partly. as an example postfix is installed by default, but should not be open to the world. OK But when I "definitly" install a webapp (webmailer) I want to have it "work" when I start apache. I like "ready-to-run" installations. ;)
-- Christian ---------------------------------------------------- - Please do not 'CC' me on list mails. Just reply to the list :) ---------------------------------------------------- Der ultimative shop für Sportbekleidung und Zubehör http://www.sc24.de ---------------------------------------------------- -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org