Today I noticed that my phpinfo on fcgi says '--disable-discard-path' '--disable-force-cgi-redirect' for configure. This would be a security-issue, but it isn't the case, it just seems that the wrong configure-string get's passed somewhere so one could think it's a security issue. hoffie just jabbered me that somehow in the build process the configure-string gets patched in afterwards.
This is expected and normal if you have "fastbuild" USE flag activated, as for that one we first do a "general" configure that works for all SAPIs and then put in afterwards SAPI-specific changes, so in the end your CGI build will have those two features activated, thus there is no problem and nothing to fix. :) Best regards, CHTEKK.
I still think it is confusing and makes it hard to verify that certain security-relevant options (-> force-cgi-redirect) are really enabled. On a side note, hanno told me he uses USE="-fastbuild".
Well in that case it would actually re-execute configure 3 times (or 2, depends on number of enabled SAPIs), each time with the correct options, so in one of the tree configure-runs you would see force-cgi-redirect etc. enabled. And I rectify what I said earlier, when fastbuild is enabled, it adds all options directly, thus in that one configure-run it does, you would see them enabled/disabled correctly. So in the end I fail to see the issue here... USE="fastbuild": one configure run, where it is correct USE="-fastbuild": multiple configure runs (= number of selected SAPIs), where for the CGI one you would correctly see those options All well, closing again. :) Best regards, CHTEKK.
chktekk, did you actually read hoffies comment above? It also happens WITHOUT fastbuild. I'll attach phpinfo-output from my local system with USE="-fastbuild". Please don't close bugs claiming there's no issue without even testing it or properly reading other's comments.
Created attachment 137312 [details] phpinfo output from fastcgi-setup
Hm, I'm still not able to reproduce this. Do you still see the problem?
I wasn't aware that this bug is still open... This got fixed a while back, though I don't remember when. I just re-checked and everything seems ok.