httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Sussman <mydd...@vidya.com>
Subject Re: Good deed for the day?
Date Tue, 28 May 1996 08:33:28 GMT

> >  - Would it be an idea to make any problem with the access checking or
> >    inconsistencies, missing informaion,e tc, such as not being able to open
> >     afile in the gdb, etc  lead to a SERVER_ERROR
> >   - I.e. be really hesitant to give a DECLINE.

This behavior should probably be dependent on the Authoritative directive.
If this instance -is- authoritative, then configuration errors should
produce server errors.  If it is not, some amount of fall through should
be allowed.

All this is kind of a grey area anyway.  I have a hard time thinking of
a reason why I might set up a differently protected subdirectory and
actually -want- failures along the sub-scheme to fall through to
the next one up.

>>   - As a minor legacy problem, we have in the 'require user x y z' spaces
>>    as the separators, same for groups, whih prohibit spaces in the
>>   userIDs. 

How about using quotes around names with spaces in them?  Changing the delimiter
now might be a little upsetting.

> 
> > Furthermore two of those 'require user' lines give unexpected
> >   results. How about allowing multiple lines ? or require user= multiple
> > lines.
> 

I would vote for multiple 'require user' and 'require group' lines.  While we're
at it, we might want to just allow multiple allow and deny lines too.  I can think
of a few places where it would improve readability.

-adam



Mime
View raw message