Hi My question first:
If you use an .htaccess file to hold the reqiured mod_python directives for a given Django project, is it really that unsafe to store the project inside the web server's directory structure? I.e., doesn't the "SetHandler mod_python" tell apache to direct all requests for this directory tree to the specified handler? If so, this means the users can't get at files except through the handler, and in this case we are talking about django's handler - and it doesn't just hand out files on request either..it only "executes" them to create some output which gets sent to the web server.. So what's unsafe about putting in the web space in this scenario? Background, in case you are bored :-) : We are creating an Django bare-bones website that will be used from which to create other similar sites which will then be modified independantly. My boss has asked me if a Django installation can be setup such that it can be replicated by just copying some of it's files with possibly making some settings changes to some of them, via a setup script. One of the requirements was that we don't have to alter httpd.conf. We are using mod_python, some my understanding is that *somewhere* you need to be able to tell apache to invoke mod_python, set the python path to include your project direcctory etc. To make a long story short, it seems I can meet my boss's goals by putting an .htaccess file inside each project directory and storing the project directory somewhere in apache's document structure. This keeps me from having to create a <Location> or <Directory> entry in the httpd.conf file (because we are using an .htaccess file) and keeps me from having to modfiy the httpd.conf to add an Alias directive to "point to" files outside the webspace (i.e., if I follwed the recommendation and put my Django project outside the web space) Thanks! Michael --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
