[development] let's cleanup /misc
morbus at disobey.com
Wed Jan 11 19:40:12 UTC 2006
> But we can do a *lot* to help avoid misconfigurations.
This particular misconfiguration is so rare that we're pushing an awful
lot of effort onto the user - regardless of automation (as *knowing*
where files are is half the battle) - for something they'll probably
never encounter in their life, unlike say, XSS.
> oh, and we are not entirely apache-only, are we?
I deliberately didn't mention Apache in my own post because it's a NULL
issue: the *frequency* with which it takes to *screw up a server SO BAD*
such that a DocRoot is misplaced or PHP is broken, is common equally
enough on Apache, LigHTTPD, Zeus, Covalent, IIS, or any other server. It
happens *so infrequently* that the software used, or the method in which
it is screwed up, doesn't make a damn bit of difference.
Morbus Iff ( you are nothing without your robot car, NOTHING! )
Culture: http://www.disobey.com/ and http://www.gamegrene.com/
O'Reilly Author, Weblog, Cook: http://www.oreillynet.com/pub/au/779
icq: 2927491 / aim: akaMorbus / yahoo: morbus_iff / jabber.org: morbus
More information about the development