This has to be done on software level.

* SECURITY: CVE-2011-3348 mod_proxy_ajp when combined with mod_proxy_balancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service.
* SECURITY: CVE-2011-3192 core: Further fixes to the handling of byte-range requests to use less memory, to avoid denial of service. This patch includes fixes to the patch introduced in release 2.2.20 for protocol compliance, as well as the MaxRanges directive.

zope.conf is read quite lite during zope startup and some modules are using
environment variables to be set up (like DateTime) *before* zope.conf is read.

In the same time, it is useless to define to logformat when only
one is used. Using format closer to default apache allows to
more easily use various log parsers

For performance analysis, it is mandatory to keep logs for a very long
time. Also it is sometimes required to analyse a bug that happened
more than one more ago, so we have no other choices than keep logs
and not remove them.

slapos.recipe.build allows to install openoffice in same way as z3c.recipe.openoffice.
Additionaly it does not hardcode internally paths or binaries, so less code
updates are needed.

slapos.libnetworkcache does not depend anymore on M2Crypto (it uses openssl
binary internally and it is optional).

1.5.3-dev-SlapOS-009 version of zc.buildout is safe to be used with new,
stabilised API to library.

Readd removed sleep.

It shall be possible to switch easily between Zeo/Zope configuration without
need to copy ZODB.

ERP5 updater takes care of configuration certificate authority tool.

Rely on portal introspections functionality.

This reverts commit 84b1322c.

I want to wrong way.

Some variables might be present, which can influcence the compilation.

As described in: http://dev.mysql.com/doc/refman/5.1/en/access-denied.html
"""
If you cannot figure out why you get Access denied, remove from the user  table
all entries that have Host values containing wildcards (entries that contain
'%' or '_'  characters). A very common error is to insert a new entry with
Host='%'  and User='some_user', thinking that this enables you to specify
localhost to connect from the same machine. The reason that this does not work
is that the default privileges include an entry with Host='localhost'  and
User=''. Because that entry has a Host value 'localhost' that is more specific
than '%', it is used in preference to the new entry when connecting from
localhost! The correct procedure is to insert a second entry with
Host='localhost'  and User='some_user', or to delete the entry with
Host='localhost'  and User=''. After deleting the entry, remember to issue a
FLUSH PRIVILEGES statement to reload the grant tables.
"""