httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Sutton <>
Subject Re: [PATCH] fix for satisfy merging
Date Mon, 03 Feb 1997 14:12:14 GMT
On Sun, 2 Feb 1997, Ed Korthof wrote:
> Eh, yeah.  See below for patch.  <snicker self>

I've tried this patch and it works. But, if users already have access
restrictions which implicitly rely on Satisfy All behaviour (e.g. the
default), then including Satisfy Any in any higher-level directory section
or .htaccess will change the meaning of the lower-level restrictions to
Satisfy Any. 

Since Satisfy is only useful if associated with both auth and access
restrictions, a better inheritance rule might be to only inherit if the
new configuration has both authentication and access restrictions (i.e. if
the section or .htaccess includes order,deny,allow and auth* directives).
This I think is non-trivial, which is why I didn't include a patch with my
original bug report. 

On the other hand, the behaviour with this patch is similar to the way
most other directives work between different levels of the hierarchy and
is no more confusing, so I'd be quite happy to see this patch go in as the
bug fix.. +1. 


View raw message