httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <>
Subject Re: FollowSymLinks rationale?
Date Sun, 25 Aug 1996 14:17:37 GMT
> Why is it that FollowSymLinks is switchable?
> Cheers,
> Ben.

Should be "off" by default.

Allows the server to traverse links.

Allows badguy to create links from ~/public_html/root -> /

I can't imagine setting this without "IfOwnerMatch". If my memory
serves, at one time SymLinksIfOwnerMatch did not imply FollowSymLinks
which should probably be considered a bug.  Looking at set_options()
this appears to still be true.

View raw message