httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Alexei Kosut <ako...@organic.com>
Subject Re: Security gotcha
Date Tue, 20 Aug 1996 19:03:06 GMT
On Tue, 20 Aug 1996, Ben Laurie wrote:

> I've just realised that this:
> 
> application/x-httpd-cgi         cgi
> 
> is in mime.types, meaning that the unwary Webmaster is enabling CGI without
> realising it. Also, I thought the use of magic mime types was now deprecated?

Well, they're not enabling it unless you also use Options ExecCGI. But
yes, they are. Hmm.

> I think this entry (and any other similar ones) should be removed. Comments?

Probably, yes.

-- Alexei Kosut <akosut@organic.com>            The Apache HTTP Server 
   http://www.nueva.pvt.k12.ca.us/~akosut/      http://www.apache.org/


Mime
View raw message