On 1/18/2012 6:12 AM, Graham Leggett wrote: > On 18 Jan 2012, at 4:56 AM, Noel Butler wrote: > >> This never was a problem in 2.2, if one disabled dav it was disabled, as it >> should be disabled, fully, not only in parts, here and there, granted it's >> now changed because modules are no longer defaulted to statically built, but >> plenty of admins will use this method, I also favour it (heh, obviously >> since I found it), so if the option to revert to old method is offered as it >> is via --enable-mods-static=all, then if someone disables a specific mod >> like dav (which some security type scanners suggest), it should be fully >> disabled and the build should succeed. > > This was and still is a problem in v2.2 for mod_proxy, and a number of other > modules. If you turn mod_proxy off, you'll have the build fail caused by > mod_proxy_http and friends. I looked at fixing this recently and discovered > this was a massive job, one for the timescales given by v2.6, not v2.4.
This should be trivially solvable in the autoconf .m4 config sections for proxy and dav. Disabling the 'parent' module must disable building the sub-modules.
