httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <>
Subject Re: [PATCH] Win32 device files
Date Wed, 02 Dec 1998 20:51:41 GMT

Paul Sutton wrote:
> This patch should help fix the security hole, but has a few drawbacks: it
> is slow, it does not cover all situations when we open files (e.g. you can
> still specify PidFile /LPT1), and it will reject use of NUL in
> AccessConfig or ResourceConfig directives. It will also reject invalid
> path components which may be on a remote share where the path component is
> infact valid.

   Jim Jagielski   |||   |||
            "That's no ordinary rabbit... that's the most foul,
            cruel and bad-tempered rodent you ever laid eyes on"

View raw message