Hi yesterday I managed to bypass the pwd check when using .htpasswd. The problem now is that Im not sure how to secure it. Okej let say that user ivan have protected his /home/ivan/public_html/topsecret directory. And on the samer server we have the user johan, from his public_html directory we make an symlink ln -s /home/ivan/public_html/topsecret test okej so then johan tries http://www.hostname.whatever/~johan/test he will end up in ivan' s topsecret directory.. So what have I missed in my httpd.conf or something else? :) thanx /Tom
This archive was generated by hypermail 2b30 : Thu Apr 25 2002 - 09:10:49 PDT