httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject Re: Bug in apache httpd 1.1.3 (fwd)
Date Mon, 17 Feb 1997 03:55:28 GMT
On Sun, 16 Feb 1997, Dean Gaudet wrote:

> We're open to portable solutions... but as of yet, the 1.2 betas only
> document the security implications of this problem and don't do anything
> to restrict or warn about it at run time.

Ok, I _will_ submit a patch to warn on this and _will_ whack people
to try to accept it as a bugfix and not a new feature.

It will be something similar to the NCSA way, I think, and will
probably have a config file directive or two added.  It will be
able to deal with the case where a trusted group has write access
to the logs directory.

View raw message