The various packagers (RPM and DEB) are currently moving a number of files out of . of the package, which usually becomes /usr/share/ledgersmb, with the web server pointing at it. The other files move elsewhere, usually /usr/share/doc/ledgersmb. What does not get moved, which could be moved is the LedgerSMB directory full of .pm files, which could be reached by Perl search path. My proposal is to move all of the wrapper .pl files out of the root directory into a directory which could be called "htdocs" or something like this. Now, almost all of the real functionality is now in the bin/ directory, and this would be among the things that could go somewhere else when installed, rather than being under DocumentRoot. If we want to keep the ability for people to tar xzf into /var/www, then we might want to have a script that creates a series of symlinks, but we should instead encourage users to change their DocumentRoot. (Perhaps it is supported right now to point at bin/) My reasons for suggesting this are twofold: 1) depth-in-security: misconfigured web servers can not allow writing to things they can not see. 2) to make unit testing a bit more obvious. I'd rather not pollute DocumentRoot accessible directory with even more things that a web server could do the wrong thing with. In particular, I've been working on some testing where one needs to import different databases, and then do things. -- ] He who is tired of Weird Al is tired of life! | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] ..hidden.. http://www.sandelman.ottawa.on.ca/ |device driver[ Kyoto Plus: watch the video <http://www.youtube.com/watch?v=kzx1ycLXQSE> then sign the petition.
Description: PGP signature