Files that go there include: openacs-dev.tcl, the analog config file, and the daemontools directory; anything else?
I would be inclined to add the ssl key certificates here, possibly in a subdir (i worked on this last week to it is fresh in my mind)... I know Scott Goodwin has great instructions for installing SSL, but i would think that it would also be good to tell people that aren't used to certficicates how to create the cert and key files for themselves (like this, or by directing them there: http://linuxlab.dk/fcl/technotes/ssl_on_aolserver... and possibly having nsopenssl parameters commented out in the default nsd.tcl file would also help. I would also recommend putting the log files in
/var/log/openacs/* if we are trying to use standards...
I too am interested to know why it is a "security risk" to have websites hosted in /web by nsadmin. The only thing i could think of is that using an nsadmin account (i.e. the default), would give hackers a username on your system - but if you don't allow nsadmin to log in remotely what is the problem?
