[Osiris-devel]updated specs
B Potter
gdead at shmoo.com
Sun Mar 18 01:15:38 EST 2001
> > <Directory /etc>
> > ignore file(!resolv.conf)
> > </Directory>
>
> I agree it's more unified, but I see two problems with doing it this way.
> It's a double negative which isn't very elegant, I think we should avoid
> that if possible. Most importantly, you then lose the ability to scan a
> handful of specific files in a directory. Suppose you wanted to get
> /etc/profile and /etc/passwd but nothing else.
>
> Unfortunatly I don't have a good suggestion at this point.
Maybe (going back to apache land):
<Directory /etc>
Order include,deny
Include resolv.conf
</Directory>
to not go into /usr/local in /usr
<Directory /usr>
Order deny,include
Deny local
</Directory>
basically, either by default deny all or include all, then state the
diff's. However, this doesn't account for the exclude vs. don't enter
issue of directories.
later
bruce
More information about the osiris-devel
mailing list