[horde] horde interapplication conflicts

Chuck Hagenbuch chuck at horde.org
Sun Feb 18 21:02:41 PST 2001

Quoting Nico Galoppo <scratch at ace.ulyssis.org>:

> Are you sure that it's safe to put all the horde code in a publically
> accessible webdir, security-wise?

Assuming that there aren't bugs in php or apache that might expose the config 
files, yes. But you are correct in that it is safer (if you're willing to admit 
that those holes might exist, and hey, security is spelled p-a-r-a-n-o-i-a) to 
keep things out of the webroot if possible.

You can do this with IMP, and I've been working on the other apps, but I need 
to document it. The way I have it set up with IMP is that a single script uses 
PATH_INFO to handle all requests, and includes the necessary stuff. Works 
pretty well, though it makes you be a bit more specific about paths (not as 
much can be relative). One of these days I'll document it. Also, I'll respond 
to your original message - apologies for letting it go so long, but it's been a 
crazy week.


Charles Hagenbuch, <chuck at horde.org>
"We have no fuel on board, plus or minus 8 kilograms." -A NASA scientist

More information about the horde mailing list