httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruediger Pluem <>
Subject Re: svn commit: r423886 - in /httpd/httpd/trunk: CHANGES server/request.c
Date Thu, 20 Jul 2006 22:13:08 GMT

On 07/20/2006 02:04 PM, Joe Orton wrote:

> I think it's a *very* bad idea to imply that SymLinksIfOwnerMatch is a 
> security feature.
> If you did want to call this a "security feature" then you also need to 
> fix the big fat race condition inbetween all those nice careful stat() 
> calls and the default handler going to open the file.  Which I doubt 
> would be simple to say the least.
> I'd stay well clear of the word "security" here.

I adjusted the svn log message (
and removed the word SECURITY from the CHANGES file (
I hope this addresses your concerns.



View raw message