From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-73885-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
by finch.gentoo.org (Postfix) with ESMTP id 4F40D1384B4
for <garchives@archives.gentoo.org>; Mon, 4 Jan 2016 05:11:21 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id BB56521C004;
Mon, 4 Jan 2016 05:11:12 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id B6392E085A
for <gentoo-dev@lists.gentoo.org>; Mon, 4 Jan 2016 05:11:11 +0000 (UTC)
Received: from wim.fritz.box (jer.xs4all.nl [212.238.182.54])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
(Authenticated sender: jer)
by smtp.gentoo.org (Postfix) with ESMTPSA id 62FAE340545;
Mon, 4 Jan 2016 05:11:08 +0000 (UTC)
Date: Mon, 4 Jan 2016 06:11:01 +0100
From: Jeroen Roovers <jer@gentoo.org>
To: Sebastian Pipping <sping@gentoo.org>
Cc: gentoo-dev <gentoo-dev@lists.gentoo.org>, "pr@gentoo.org"
<pr@gentoo.org>
Subject: Re: [gentoo-dev] News item: Apache "-D PHP5" needs update to "-D
PHP"
Message-ID: <20160104061101.5f9686bc@wim.fritz.box>
In-Reply-To: <5689BC34.5000006@gentoo.org>
References: <5689BC34.5000006@gentoo.org>
Organization: Gentoo Foundation
X-Mailer: Claws Mail 3.13.1 (GTK+ 2.24.28; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Archives-Salt: b7e8906f-a88b-48b6-90c0-28ce56d959bf
X-Archives-Hash: 987867a4f88a894c7859e422adf24b00
On Mon, 4 Jan 2016 01:26:28 +0100
Sebastian Pipping <sping@gentoo.org> wrote:
> Hi!
>
>
> Better late then never. Posting 72 hours from now the earliest as
> advised by GLEP 42. Feedback welcome as usual.
>
>
> ===========================================================
> Title: Apache "-D PHP5" needs update to "-D PHP"
> Author: Sebastian Pipping <sping@gentoo.org>
> Content-Type: text/plain
> Posted: 2016-01-04
> Revision: 1
> News-Item-Format: 1.0
> Display-If-Installed: app-eselect/eselect-php[apache2]
>
> With >=app-eselect/eselect-php-0.8.1, to enable PHP support
> for Apache 2.x file /etc/conf.d/apache2 no longer
... 2.x, the file ...
> needs to read
=> should no longer read
>
> APACHE2_OPTS="......... -D PHP5"
>
> but
>
> APACHE2_OPTS="......... -D PHP"
>
> , i.e. without "5" at the end. This change is related to
instead, i.e. ...
> unification in context of the advent of PHP 7.x.
Vague.
> With that change, guard "<IfDefine PHP>" in file
> /etc/apache2/modules.d/70_mod_php.conf
> has a chance to actually pull in PHP support.
We'd like to be pretty certain that PHP application server is going to
"actually" do that.
> Without updating APACHE2_OPTS, websites could end up serving
> PHP code (include configuration files with passwords)
> unprocessed to website visitors!
That would mean there is an additional (local) security problem.
jer