Include Root should be configured
The root path for files processed by SilverStripe should be configured, rather than assumed to be the Document Root. Preferably, the SilverStripe root should be *above* the server Document Root. This narrows the range of bugs which could allow these configuration files to be leaked.
Most files - most particularly those containing sensitive data such as database passwords - should be processed relative to the Include Root, not the Document Root. (The Include Root, of course, still needs to have its own configuration set in a known location. Presumably that is the only configuration under the Document Root).
If a developer _wants_ to configure the Include Root to be under the Document Root, so be it.
/path/to/mysite/ss/... <- config files under this tree
/path/to/mysite/public_html/... <- public files under this tree
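As an added illustration of the proposed layout (this is not code from the post or from SilverStripe itself), a single bootstrap file under the Document Root that pins the Include Root to a sibling directory outside it and refuses to continue if the two overlap; the `SS_INCLUDE_ROOT` / `SS_ALLOW_INCLUDE_ROOT_IN_DOCROOT` environment variables and the `/path/to/mysite/ss` location are assumptions taken from the sketch above.

```php
<?php
// public_html/index.php: the ONE file under the Document Root that knows where
// the Include Root lives. Everything sensitive (_config.php with database
// passwords, etc.) is then resolved relative to that root, never to DOCUMENT_ROOT.
// Added example: SS_INCLUDE_ROOT is a hypothetical constant, not a SilverStripe API.

// Default layout from the post: the "ss" directory is a sibling of public_html.
$documentRoot = realpath(__DIR__);
$includeRoot  = realpath(getenv('SS_INCLUDE_ROOT') ?: dirname(__DIR__) . '/ss');

if ($documentRoot === false || $includeRoot === false) {
    http_response_code(500);
    exit('Include Root is not configured or does not exist');
}

// True when $child is $parent itself or lives somewhere beneath it.
function isInside(string $child, string $parent): bool
{
    $parent = rtrim($parent, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($child . DIRECTORY_SEPARATOR, $parent, strlen($parent)) === 0;
}

// Refuse a layout where config files sit under the web root, unless the
// developer has explicitly opted in (the post leaves that choice open).
if (isInside($includeRoot, $documentRoot)
    && getenv('SS_ALLOW_INCLUDE_ROOT_IN_DOCROOT') !== '1') {
    http_response_code(500);
    exit('Include Root must be above the Document Root '
       . '(set SS_ALLOW_INCLUDE_ROOT_IN_DOCROOT=1 to allow it anyway)');
}

define('SS_INCLUDE_ROOT', $includeRoot);

// From here on, files are resolved relative to the Include Root, so a path
// disclosure or directory listing bug in the web root cannot expose them.
require SS_INCLUDE_ROOT . '/_config.php';
```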
Sam Minnée commented
This is planned and is being tracked in github here: https://github.com/silverstripe/silverstripe-framework/issues/7419
(Note, making the root path configurable is not such a big deal for me, I would be fine with the framework parts being forced outside the document root.)
There has actually been a lot of work done on that subject, and the issue was recently discussed again when talking about package management, the composer vendor/ folder and some other topics.
But I still don't know what the status of that is.
Would love to get this issue back into the spotlight and see this implemented soon.