httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <traw...@gmail.com>
Subject [concept PATCH] CVE-2009-1195 tweaks to provide binary compatibility for stable branches
Date Fri, 22 May 2009 21:12:31 GMT
(untested)

ap_allow_options() is how applications, including our mod_include, access
the enabled options for a given request (other than evil apps which define
CORE_PRIVATE and locate the core_dir_config).  As this is a callable
function, it can map internal, hidden bitmaps as appropriate before
returning to the caller.

The attached patch uses new OPT_PVT_ flags internally for include-related
options (defined inside CORE_PRIVATE) but maps those onto the old
OPT_INCLUDES and OPT_INCNOEXEC flags inside the ap_allow_options() function.

Mime
View raw message