#38461: Port request: apache_mod_hfs_apple -----------------------------------+-------------------------------- Reporter: egall@… | Owner: macports-tickets@… Type: request | Status: new Priority: Normal | Milestone: Component: ports | Version: 2.1.3 Resolution: | Keywords: Port: apache_mod_hfs_apple | -----------------------------------+-------------------------------- Comment (by mp@…): A Portfile for **mod_hfs_apple** is now available in attachment :mod_hfs_apple-portfile-20130910 The current version is 14, which means it is based on the module source in http://opensource.apple.com/source/apache_mod_hfs_apple/apache_mod_hfs_apple... , which solves the vulnerability in apache2 with HFS, where the __source__ of .php files is served by apache2 instead of being evaluated. So, http://localhost/index.p%E2%80%8Chp now doesn't reveal the source of index.php, as shown in ticket:38452 (and http://packetstormsecurity.com/files/120820/Apple-Security- Advisory-2013-03-14-1.html). Since I'm only running Tiger at the moment, that is what it is tested on, but it should work on any OS X version. Even though I'm quite pleased with the solution - where activation/deactivation is completely controlled by the `port` command - comments and any possible improvements are most welcome. ----- As it is now, upon installation/activation of the port, {{{ LoadModule hfs_apple_module modules/mod_hfs_apple.so }}} is automagically added to the apache configuration file, and apache2 gracefully restarted.\\ `(post-activate: apxs -e -a)` If the port is deactivated, the module is first commented out in the apache2 configuration file, apache2 restarted gracefully, and then the module is removed.\\ `(pre-deactivate: apxs -e -A)` -- Ticket URL: <https://trac.macports.org/ticket/38461#comment:7> MacPorts <http://www.macports.org/> Ports system for OS X