Bug#312360: horde3: Here is a proposed configuration

Wed, 23 Aug 2006 15:36:28 -0700 

On Wed, Aug 23, 2006 at 10:17:42AM +0200, Ola Lundqvist wrote:

> I suggest to add this to the README.Debian file. We already have the
> alias part there as far as I can remember.

We already have everything in the README.Debian:

 (...)in particular, you need the following to apply to the
 /usr/share/horde3/ hierarchy:

    Options FollowSymLinks
    AllowOverride Limit

  For the webserver you also need to tell where your horde3 installation
  is. This done by adding an alias to the apache configuration like
  this:

      Alias /horde3 /usr/share/horde3

> On Wed, Aug 23, 2006 at 07:21:01AM +0200, Lionel Elie Mamane wrote:
>> On Tue, Aug 22, 2006 at 11:42:08AM -0400, Roberto C. Sanchez wrote:
>>> On Tue, Aug 22, 2006 at 03:53:28PM +0200, Jerome Warnier wrote:

>>>> Please put the attached file as /etc/horde/horde3/apache.conf and
>>>> link to it from /etc/apache/conf.d and /etc/apache2/conf.d. It will
>>>> work out-of-the-box and make everybody happy.

>>>> Alias /horde3 "/usr/share/horde3/"
>>>> <Directory "/usr/share/horde3">
>>>>            Options Indexes MultiViews FollowSymLinks
>>>>    AllowOverride None
>>>>    Order allow,deny
>>>>    Allow From all
>>>> </Directory>

>> If we put something automatically, I'd rather put:

>> Alias ...
>> <Directory "/usr/share/horde3">
>>      Options FollowSymLinks
>>      AllowOverride Limit
>>      Order ...
>> </Directory>

>>> NO!!!!!

>>> Are you crazy?  I would not want an application which relies on
>>> authentication to the system to be accessible over a clear-text
>>> protocol my default.  That is a decision that must be made by the
>>> system administrator.

>> It is not *that* bad... By default (in non-configured state) horde
>> does not rely on authentication to the system. Just anybody can
>> access the configuration interface without authentication. :-) So,
>> when the administrator configures reliance on authentication, he
>> can also change the Apache-Horde config to require TLS/SSL.

>> My worry is more the upgrades. People already have a working config,
>> we drop the default config in addition to that, hell breaks loose. If
>> we can manage to do the "link to it" part only on new installs, not
>> upgrades, I'd feel better about it.

-- 
Lionel


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to