httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 42079] - SSLRequire: Additional access in sub-directoies
Date Thu, 12 Apr 2007 18:53:12 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=42079>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=42079





------- Additional Comments From basant.kukreja@sun.com  2007-04-12 11:53 -------
>To me it is also intuitive that you gain improved security by first restricting 
>*all* access to the whole web server and then open up where you want. 
Directory container permissions works in reverse way that's why we observe this
issue.
I believe apache way of securing directories is inherited from unix file system
security. The philosophy is that that to enter a particular level, you need to
have permission to all levels above it.

-- 
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message