(no subject)

[chris.mattingly () INTERPATH NET (Chris A. Mattingly)]

The Incubus wrote:
> Hi there,
>
> probably this is already known, but I've noticed that a default install of
> Apache on a RedHat linux server can give you valid logins...  I did check
> the apache and redhat websites for this misconfiguration, but didn't find
> anything... I also checked securityfocus and such, and didn't find anything
> either...
>
> When we do www.redhatserver.com/~validlogin we get a 403, when we try with
> another login (which is not valid) we get a 404.

On my FreeBSD/apache configuration I get a 404 whether the user
exists or not (unless said user has a directory matching the
UserDir configuration)

Dunno whether this points to a linux/apache issue or a configuration
issue though.

Just my $0.02. :)

-Chris

<HR NOSHADE>
<UL>
<LI>text/x-vcard attachment: Card for Chris A. Mattingly
</UL>

<HR NOSHADE>
<UL>
<LI>application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature
</UL>