gdead at shmoo.com
Sun Mar 18 01:15:38 EST 2001
> > <Directory /etc>
> > ignore file(!resolv.conf)
> > </Directory>
> I agree it's more unified, but I see two problems with doing it this way.
> It's a double negative which isn't very elegant, I think we should avoid
> that if possible. Most importantly, you then lose the ability to scan a
> handful of specific files in a directory. Suppose you wanted to get
> /etc/profile and /etc/passwd but nothing else.
> Unfortunatly I don't have a good suggestion at this point.
Maybe (going back to apache land):
to not go into /usr/local in /usr
basically, either by default deny all or include all, then state the
diff's. However, this doesn't account for the exclude vs. don't enter
issue of directories.
More information about the osiris-devel