Bugtraq mailing list archives
Re: Mac OS X - Apache & Case Insensitive Filesystems
From: Kee Hinckley <nazgul () somewhere com>
Date: Mon, 11 Jun 2001 13:34:57 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 2:06 PM -0700 6/10/01, Paul Burney wrote:
> GET /TeSt/index.html Though it causes a bit of a performance penalty, a .htaccess file in a protected directory will resolve that problem.
I'm actually more concerned about scripting directives. In
particular, things like:
<FilesMatch ".*\.epl$">
Options ExecCgi
AllowOverride AuthConfig FileInfo Indexes Limit Options
SetHandler perl-script
PerlHandler HTML::Embperl
</FilesMatch>
I assume that if someone goes to
foo.ePl
they are going to get the raw source code, and that is, needless to
say, a potentially huge security risk. (Yes, people *ought* to put
their secure information in libraries outside of the web tree,
but....)
- --
Kee Hinckley - Somewhere.Com, LLC
http://consulting.somewhere.com/
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Security 7.0.3
iQA/AwUBOyUH2yZsPfdw+r2CEQLOfQCeLrH5M8OT6q6rVElT81CwHjOcdYwAn3Sy
+NFaRHcSK/ZRpuy9raGMF0as
=kCII
-----END PGP SIGNATURE-----
Current thread:
- Mac OS X - Apache & Case Insensitive Filesystems Stefan Arentz (Jun 10)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 11)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Kee Hinckley (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Scott Gifford (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Peter Bierman (Jun 15)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 11)