httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian Havard" <bri...@kheldar.apana.org.au>
Subject Re: Plugging nice big security hole (OS/2)
Date Mon, 20 Jul 1998 09:17:22 GMT
On Mon, 20 Jul 1998 01:35:21 -0600 (MDT), Marc Slemko wrote:

>On Mon, 20 Jul 1998, Brian Havard wrote:
>
>> My testing shows that OS/2 suffers the same problem as Win32 with trailing
>> dots on directory names and I'm trying to do something about it.
>> 
>> As it stand, you can bypass protection of a directory by adding a dot at the
>> end. I've written an ap_os_canonical_filename() that removes the trailing
>> dots (and does a few other things) and that seems to secure <Directory> type
>> access restrictions but <Location> types are still vunerable. What can I do
>> to fix them?
>
>Talk to Dean and your problems will vanish.  He will simply define
>Location as something that isn't supposed to protect access to files, and
>you have no problems.  I don't fully disagree with him, but... 
>
>AFAIK, this is how Win32 is being treated right now.

Hmm, Ok. I'll submit my patch that adds ap_os_canonical_filename() then.
I must be missing something though as my function is only about 30 lines
compared to the Win32 version of around 140. Maybe it's just because I don't
have to deal with the long/short name crap that Windoze has.......

--
 ______________________________________________________________________________
 |  Brian Havard                 |  "He is not the messiah!                   |
 |  brianh@kheldar.apana.org.au  |  He's a very naughty boy!" - Life of Brian |
 ------------------------------------------------------------------------------


Mime
View raw message