Ken, since you asked me,
> it's kinda a landmine field ... everyone navigates their own! lächelnd
Isn't that normal. You can't navigate other people's boats! But the assumption is, you know your boat and the waters. People change boats because they can't navigate their own and complain that navigating the other boat is also difficult.
> 5.2 of Moodle/router and moodle in subdirectory ... no one questions that I said moodles in subdirectories IS more secure?
For one, a probabilistic answer doesn't tell me much: You may be wearing the best bullet-proof vest, but if you stretch your neck at the wrong instant, you know where the bullet enters.
Coming back to the specific soft-linked directories, I don't see any security improvement - the hacker can navigate the soft-links just like navigating the "official" directory tree. That is my opinion. Others might have theirs. I'm not going to defend mine.
> it's kinda a landmine field ... everyone navigates their own! lächelnd
Isn't that normal. You can't navigate other people's boats! But the assumption is, you know your boat and the waters. People change boats because they can't navigate their own and complain that navigating the other boat is also difficult.
> 5.2 of Moodle/router and moodle in subdirectory ... no one questions that I said moodles in subdirectories IS more secure?
For one, a probabilistic answer doesn't tell me much: You may be wearing the best bullet-proof vest, but if you stretch your neck at the wrong instant, you know where the bullet enters.
Coming back to the specific soft-linked directories, I don't see any security improvement - the hacker can navigate the soft-links just like navigating the "official" directory tree. That is my opinion. Others might have theirs. I'm not going to defend mine.