Bugtraq mailing list archives
Re: Mac OS X - Apache & Case Insensitive Filesystems
From: Kee Hinckley <nazgul () somewhere com>
Date: Mon, 11 Jun 2001 13:34:57 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 2:06 PM -0700 6/10/01, Paul Burney wrote:
> GET /TeSt/index.html Though it causes a bit of a performance penalty, a .htaccess file in a protected directory will resolve that problem.
I'm actually more concerned about scripting directives. In particular, things like: <FilesMatch ".*\.epl$"> Options ExecCgi AllowOverride AuthConfig FileInfo Indexes Limit Options SetHandler perl-script PerlHandler HTML::Embperl </FilesMatch> I assume that if someone goes to foo.ePl they are going to get the raw source code, and that is, needless to say, a potentially huge security risk. (Yes, people *ought* to put their secure information in libraries outside of the web tree, but....) - -- Kee Hinckley - Somewhere.Com, LLC http://consulting.somewhere.com/ I'm not sure which upsets me more: that people are so unwilling to accept responsibility for their own actions, or that they are so eager to regulate everyone else's. -----BEGIN PGP SIGNATURE----- Version: PGP Personal Security 7.0.3 iQA/AwUBOyUH2yZsPfdw+r2CEQLOfQCeLrH5M8OT6q6rVElT81CwHjOcdYwAn3Sy +NFaRHcSK/ZRpuy9raGMF0as =kCII -----END PGP SIGNATURE-----
Current thread:
- Mac OS X - Apache & Case Insensitive Filesystems Stefan Arentz (Jun 10)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 11)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Kee Hinckley (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Scott Gifford (Jun 12)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Peter Bierman (Jun 15)
- Re: Mac OS X - Apache & Case Insensitive Filesystems Paul Burney (Jun 11)