[php-maint] Bug#685340: php5-common: provide one /etc/apache2/conf.d/php5.conf for all SAPIs
Christoph Anton Mitterer
calestyo at scientia.net
Sun Aug 19 23:11:54 UTC 2012
Package: php5-common
Version: 5.4.4-4
Severity: wishlist
Hi Ondrej.
Sorry for not having had this idea earlier, it just came to me last night (and Marco d'Itri
came up with the same at d-d, too).
The suggestions is that php5-common ships a /etc/apache2/conf.d/php5.conf, which defines
the necessary handlers and/or MIME-types.
This would have the advantages:
- All SAPIs share the same config, thus no surprises.
- No longer the need for manually configuring Apache with respect to PHP when using CGI/FCGI
- We can largely drop the special section about CGI from README.Debian
I personally, would strongly recommend AGAINST also having the Action/ScriptAlias directive there;
admins or package maintainers should place them in the <Directory> definitions where this
is needed.
It's simply unclean and even dangerous to enable interpreation of PHP files server-wide, as
it's now done by mod_php packages.
If we stop doing this, we need however likley changes in many other Debian packages,
which now trusted on that global activation.
So this is rather a goal for jessie.
My suggestion for such a php5.conf would again be the version from #674205:
-------------------------------------------------------------
#Note: The following is a security measure to remove any possible mappings that would also apply on “middle extensions” (for example “test.php.png”).
RemoveType php
<Files ?*.php>
AddType application/x-php php
</Files>
-------------------------------------------------------------
Repeatedly for all the extensions you want to be included.
The discussion of why <Files> is better than <FilesMatch> (how even that could be optimised) and about
RemoveType can be found there, so no need to cite this again here.
Cheers,
Chris.
More information about the pkg-php-maint
mailing list