Vulnerability Development mailing list archives
Re: CGI source being exposed using "~"
From: oysteivi () TIHLDE ORG (Oystein Viggen)
Date: Tue, 9 May 2000 14:17:34 +0200
Brian McKinney spake thus:
Andrew Reisse said:
<On my servers, I put a section like this in httpd.conf to prevent editor
<backups from being read (which, as you said, might contain passwords or
<other interesting data)
<Files ~ "^\~">
Order allow,deny
Deny from all
</Files>
Try this instead:
<Files ~ "*\~">
Order allow,deny
Deny from all
</Files>
Seeing as the ^ is right above the * (at least on scandinavian keyboards
and probably many others), it's quite an understandable typo... :)
Oystein
--
Some Norwegian
Current thread:
- Re: AIM bug or feature, (continued)
- Re: AIM bug or feature White Vampire (May 10)
- really fast data Ogrodnek, Larry (May 10)
- Re: Alternative ways of IP spoofing? Doru Petrescu (May 10)
- AIM & VPN jeff D (May 10)
- Re: AIM & VPN Jeremy Gaddis (May 10)
- Re: AIM & VPN Bluefish (May 11)
- Re: AIM & VPN Matthew S. Hallacy (May 12)
- Norton Internet Security 2000 Jon Alabot (May 10)
- Re: CGI source being exposed using "~" Jason Legate (May 09)
- Re: CGI source being exposed using "~" Mike Waychison (May 09)
- Re: CGI source being exposed using "~" Oystein Viggen (May 09)
- Re: CGI source being exposed using "~" David Augros (May 09)