[horde] horde interapplication conflicts
Chuck Hagenbuch
chuck at horde.org
Sun Feb 18 21:02:41 PST 2001
Quoting Nico Galoppo <scratch at ace.ulyssis.org>:
> Are you sure that it's safe to put all the horde code in a publically
> accessible webdir, security-wise?
Assuming that there aren't bugs in php or apache that might expose the config
files, yes. But you are correct in that it is safer (if you're willing to admit
that those holes might exist, and hey, security is spelled p-a-r-a-n-o-i-a) to
keep things out of the webroot if possible.
You can do this with IMP, and I've been working on the other apps, but I need
to document it. The way I have it set up with IMP is that a single script uses
PATH_INFO to handle all requests, and includes the necessary stuff. Works
pretty well, though it makes you be a bit more specific about paths (not as
much can be relative). One of these days I'll document it. Also, I'll respond
to your original message - apologies for letting it go so long, but it's been a
crazy week.
-chuck
--
Charles Hagenbuch, <chuck at horde.org>
"We have no fuel on board, plus or minus 8 kilograms." -A NASA scientist
More information about the horde
mailing list