httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Re: WWW Form Bug Report: "Security hole in test-cgi" on Linux
Date Sun, 02 Jun 1996 02:02:14 GMT
On Sat, 1 Jun 1996, Alexei Kosut wrote:
> You can also use fun things like "/*", followed by "/*/*" and
> "/*/*/*", etc, etc and get yourself a complete directory listing. 

Sigh.  One tries and tries.... 

I'm all for removing it.  Anything wrong with leaving "printenv" there?

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  |  We're hiring!  http://www.organic.com/Home/Info/Jobs/


Mime
View raw message