* Andr� Malo ([EMAIL PROTECTED]) wrote : > * Thom May wrote: > > > This is in response to a debian bug request; basically it just tightens up > > the list of allowed characters, so we don't include .dotfiles and backups > > etc. > > Thoughts? > > hmm. I don't like it. The most can easily be done with normal wildcard > matching. If your patch is applied and I have filenames (already), that > don't match the hardcoded (!) rules, I'm lost. > OK, so Justin and I were just discussing this in the bar at apachecon, and I explained the use-case I was interested in, and why I wanted this patch: We have a directory tree containing vhosts: /etc/apache2/sites-enabled this contains file in this form: samizdat.positive-internet.com www.planetarytramp.net www.example.org.uk ...
ie, the file name matches the ServerName entry. In this case, wildcard matching is either too generic (Include sites-enabled/*), or not workable at all(Include sites-enabled/*.com\nInclude sites-enabled/*.org etc etc). Now, say we edit a file in this directory, and while we are doing so, apache gets restarted. most (unix) editors will leave a .name-of-file.swp or name-of-file~ in the directory as a backup while you are editing the file, so at this point you know have two semi-identical lumps of config loaded, one of which may be broken, or missing config or whatever. This seems like an uber-bad thing. So, I guess the second proposal would be to keep the behaviour my patch proposes, but add a SafeInclude on/off directive (defaulting to Off) to define whether you want the behaviour or not. Cheers, -Thom
