From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 4F40D1384B4 for ; Mon, 4 Jan 2016 05:11:21 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id BB56521C004; Mon, 4 Jan 2016 05:11:12 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B6392E085A for ; Mon, 4 Jan 2016 05:11:11 +0000 (UTC) Received: from wim.fritz.box (jer.xs4all.nl [212.238.182.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: jer) by smtp.gentoo.org (Postfix) with ESMTPSA id 62FAE340545; Mon, 4 Jan 2016 05:11:08 +0000 (UTC) Date: Mon, 4 Jan 2016 06:11:01 +0100 From: Jeroen Roovers To: Sebastian Pipping Cc: gentoo-dev , "pr@gentoo.org" Subject: Re: [gentoo-dev] News item: Apache "-D PHP5" needs update to "-D PHP" Message-ID: <20160104061101.5f9686bc@wim.fritz.box> In-Reply-To: <5689BC34.5000006@gentoo.org> References: <5689BC34.5000006@gentoo.org> Organization: Gentoo Foundation X-Mailer: Claws Mail 3.13.1 (GTK+ 2.24.28; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Archives-Salt: b7e8906f-a88b-48b6-90c0-28ce56d959bf X-Archives-Hash: 987867a4f88a894c7859e422adf24b00 On Mon, 4 Jan 2016 01:26:28 +0100 Sebastian Pipping wrote: > Hi! > > > Better late then never. Posting 72 hours from now the earliest as > advised by GLEP 42. Feedback welcome as usual. > > > =========================================================== > Title: Apache "-D PHP5" needs update to "-D PHP" > Author: Sebastian Pipping > Content-Type: text/plain > Posted: 2016-01-04 > Revision: 1 > News-Item-Format: 1.0 > Display-If-Installed: app-eselect/eselect-php[apache2] > > With >=app-eselect/eselect-php-0.8.1, to enable PHP support > for Apache 2.x file /etc/conf.d/apache2 no longer ... 2.x, the file ... > needs to read => should no longer read > > APACHE2_OPTS="......... -D PHP5" > > but > > APACHE2_OPTS="......... -D PHP" > > , i.e. without "5" at the end. This change is related to instead, i.e. ... > unification in context of the advent of PHP 7.x. Vague. > With that change, guard "" in file > /etc/apache2/modules.d/70_mod_php.conf > has a chance to actually pull in PHP support. We'd like to be pretty certain that PHP application server is going to "actually" do that. > Without updating APACHE2_OPTS, websites could end up serving > PHP code (include configuration files with passwords) > unprocessed to website visitors! That would mean there is an additional (local) security problem. jer