From: Grant
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Gentoo location for squirrelmail attachments
Date: Fri, 9 Dec 2011 07:49:13 -0800
In-Reply-To: <4EE17733.6070601@orlitzky.com>

>> I ran squirrelmail/configtest.php and realized I don't have an
>> attachment directory set up for Squirrelmail:
>>
>> ERROR: Attachment dir (/var/local/squirrelmail/attach/) does not exist!
>>
>> I don't even have a /var/local/.  Would a good Gentoo'er create the
>> directory in that location?
>
>
> If a website needs to write files, let it do so under its own directory
> hierarchy. All of our PHP sites have something equivalent to the following
> in their apache vhost configs:
>
>  php_admin_value open_basedir /var/www/example.com/www/
>  php_admin_value upload_tmp_dir /var/www/example.com/www/tmp
>  php_admin_value session.save_path /var/www/example.com/www/tmp
>
> That way, if www.example.com is compromised, the rest of the machine is
> still safe (barring PHP bugs).

There is a Squirrelmail document recommending that the Squirrelmail
data and attachments directories are established outside of the web
server's reach.  /var is given as an example.  They also recommend
root:apache 0730 for both directories.

This is a little disturbing because my Squirrelmail data directory was
created under the webroot as apache:apache 0755 at some point.  Would
this have been done by Gentoo?  Should I file a bug?

"Prepare data and attachment directories"
http://squirrelmail.org/docs/admin/admin-3.html

- Grant
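
Added example, not part of the message above and not code from SquirrelMail or Gentoo: a shell check that a data or attachment directory sits outside the webroot and carries the owner, group and 0730 mode quoted from the SquirrelMail document. The function name audit_dir and the script name audit.sh are hypothetical, the paths in the usage comment are the ones mentioned in the thread, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example (constructed): audit one SquirrelMail data or attachment dir.
# usage: audit_dir DIR WEBROOT OWNER GROUP
# Prints one finding per line; returns 0 when clean, 1 otherwise.
audit_dir() {
    dir=$1 webroot=$2 want_owner=$3 want_group=$4
    rc=0

    if [ ! -d "$dir" ]; then
        echo "MISSING: $dir does not exist"
        return 1
    fi

    # Resolve symlinks so a linked directory is judged by its real location.
    real_dir=$(cd "$dir" && pwd -P) || return 1
    real_root=$(cd "$webroot" && pwd -P) || return 1
    case "$real_dir/" in
        "$real_root"/*)
            echo "WEBROOT: $real_dir is inside $real_root"
            rc=1 ;;
    esac

    # GNU stat format: %U owner name, %G group name, %a octal mode.
    owner=$(stat -c %U "$real_dir")
    group=$(stat -c %G "$real_dir")
    mode=$(stat -c %a "$real_dir")

    if [ "$owner:$group" != "$want_owner:$want_group" ]; then
        echo "OWNER: $owner:$group, expected $want_owner:$want_group"
        rc=1
    fi
    # 0730 = rwx-wx---: the group may create and open files by name but
    # cannot list the directory; everyone else has no access.
    if [ "$mode" != "730" ]; then
        echo "MODE: $mode, expected 730"
        rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $real_dir"; fi
    return "$rc"
}

# e.g. sh audit.sh /var/local/squirrelmail/attach /var/www/example.com/www root apache
if [ "$#" -eq 4 ]; then audit_dir "$@"; fi
```

Run it as root so the check can enter a directory the invoking user could not otherwise traverse.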