Bugtraq mailing list archives
Re: Frontpage extensions under Apache 1.3.4
From: greg () TCSCS COM (greg)
Date: Mon, 22 Feb 1999 18:58:00 -0600
Source is availble for two elements of the extensions:
fpexe.c
mod_frontpage.c
The mod_frontpage is the apache module used for the extensions.
The fpexe file is a wrapper program that executes the other programs. It
is the program that is supposed to be secure.
These two are the only source code files available. The rest of the
extensions are closed, and you can not review the source code.
On Mon, 22 Feb 1999, Alan Brown wrote:
On Fri, 19 Feb 1999, Sitzkrieg Redundus wrote:I spent the bulk my time a few days back convincing the Frontpage 98 extensions and Apache 1.3.4 (patched with patch version 3.0.4.3) to play nicely. After banging my head against it for a few hours, I got things to what I thought was a workable point, and fired up httpd. And got an error back about there being a syntax error on line 1 of /dev/null.Has anyone properly audited the current Front Page extensions for any Apache server? My understanding is that these are available soley as binary/object files and inspection of source is impossible. I'd love to know if this has changed, as we refuse to install FP extensions because for all we know they may be swiss cheese. Many other apache server admins will have taken the same position.
Current thread:
- Frontpage extensions under Apache 1.3.4 Sitzkrieg Redundus (Feb 19)
- Re: Frontpage extensions under Apache 1.3.4 Alan Brown (Feb 21)
- Re: Frontpage extensions under Apache 1.3.4 Frank Miller (Feb 22)
- Re: Frontpage extensions under Apache 1.3.4 greg (Feb 22)
- Re: Frontpage extensions under Apache 1.3.4 pedward () WEBCOM COM (Feb 22)
- <Possible follow-ups>
- Re: Frontpage extensions under Apache 1.3.4 Paul Schandel (Feb 22)
- Re: Frontpage extensions under Apache 1.3.4 Alexander Sanda (Feb 22)
- Re: Frontpage extensions under Apache 1.3.4 Frank Miller (Feb 23)
- Re: Frontpage extensions under Apache 1.3.4 Alan Brown (Feb 21)