On 12 March 2010 12:53, Brad Tilley <[email protected]> wrote: > On Fri, 12 Mar 2010 10:10 -0800, "patrick keshishian" > <[email protected]> wrote: >> does disabling this option /really/ improve security? > > No, not unless you consider keeping files that are > inappropriately/accidentally copied to these directories a security > issue. It seems inline with OpenBSD's off by default posture, that is > the only reason I suggested it.
It *IS* off by default. I have yet to see an OpenBSD machine that I can install that will come up with httpd turned on.
