On 25 Apr 2002, Hallberg Tom wrote: > > Okej let say that user ivan have protected his > /home/ivan/public_html/topsecret directory. And on the samer server we > have the user johan, from his public_html directory we make an symlink > ln -s /home/ivan/public_html/topsecret test okej so then johan tries > http://www.hostname.whatever/~johan/test he will end up in ivan' s > topsecret directory.. old news: http://www.humanfactor.com/cgi-bin/cgi-delegate/apache-ML/nh/1997/May/0397.html fix: http://www.freebsddiary.org/protected.php summary: Options -FollowSymLinks +SymLinksIfOwnerMatch or something similar sorry, my apache is a bit rusty. however, its a known issue and should be configurable around. ___________________________ jose nazario, ph.d. joseat_private http://www.monkey.org/~jose/
This archive was generated by hypermail 2b30 : Fri Apr 26 2002 - 08:51:11 PDT