httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <>
Subject Re: [ (Mark Lowes)] Feature Request: mod_include.c
Date Mon, 06 Apr 1998 05:46:53 GMT
Folks ask for this a lot, and I always forget what the answer is.  We
should either support it if we don't, or we should document how it's done
in the mod_include docs and include a pointer in the FAQ.

ISTR this is accomplished by doing IncludeNOEXEC and using #include
virtual.  Or is that just how we think it should work but there's a bug? 
I dunno.  Marc? 


Date: Thu, 26 Mar 1998 18:00:44 GMT
From: Mark Lowes <>
Subject: Feature Request: mod_include.c


Something which would be useful to include in either the 1.3 release or
as a patch to 1.2.x would be the ability to block the "#exec cmd" server
side includes but not the "#exec cgi" includes.

The problem we have here is that we support a SSI counter but doing so
also gives the customers the ability to run commands on the webserver
via the "#exec cmd" include.  Unless I'm missing something silly the
#exec has a all or nothing blocking in the IncludeNOEXEC.


| Mark Lowes <>                    Network Operations |
| Frontier Internet Services Ltd - Disclaimer;                       |
|                                                                    |
| All statements made and agreements come to by means of email are   |
| at all times subject to Frontier's Terms and Conditions of service |
| and product descriptions / sales literature. Representations made  |
| above and beyond those contained there in are not to be relied     |
| upon and are at no time contractually binding.                     |

  • Unnamed multipart/mixed (inline, None, 0 bytes)
View raw message