On Fri, 12 Mar 2010 16:05 -0700, "Bob Beck" <b...@ualberta.ca> wrote: > On 12 March 2010 12:53, Brad Tilley <b...@16systems.com> wrote: > > On Fri, 12 Mar 2010 10:10 -0800, "patrick keshishian" > > <pkesh...@gmail.com> wrote: > >> does disabling this option /really/ improve security? > > > > No, not unless you consider keeping files that are > > inappropriately/accidentally copied to these directories a security > > issue. It seems inline with OpenBSD's off by default posture, that is > > the only reason I suggested it. > > It *IS* off by default. I have yet to see an OpenBSD machine that I > can install that > will come up with httpd turned on.
We are not talking about the same thing. I understand that httpd is off by default. The *option* is on by default in the config file. Brad
