Return-Path: 
 <docs-return-4320-apmail-httpd-docs-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-docs-archive@httpd.apache.org
Received: (qmail 36642 invoked by uid 500); 7 Nov 2002 03:07:09 -0000
Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:docs-help@httpd.apache.org>
list-unsubscribe: <mailto:docs-unsubscribe@httpd.apache.org>
list-post: <mailto:docs@httpd.apache.org>
Reply-To: docs@httpd.apache.org
Delivered-To: mailing list docs@httpd.apache.org
Received: (qmail 36628 invoked from network); 7 Nov 2002 03:07:04 -0000
Date: Wed, 6 Nov 2002 22:07:08 -0500 (Est)
From: Joshua Slive <joshua@slive.ca>
To: docs@httpd.apache.org
Subject: Re: cvs commit: httpd-2.0/docs/manual/misc security_tips.html.en
 security_tips.xml
In-Reply-To: <20021107030333.52844.qmail@icarus.apache.org>
Message-ID: <Pine.WNT.4.44.0211062205480.1296-100000@Poste3947>
X-X-Sender: slive@exchange.commerce.ubc.ca
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

>   +  Embedded scripting options which run as part of the server itself,
>   +  such as mod_php, mod_perl, mod_tcl, and mod_python, run under the
>   +  identify of the server itself, (see the <directive

"identity" rather than "identify"

>   +  module="mpm_common">User</directive> directive) and therefore
>   +  scripts executed by these engines potentially can access anything the
>   +  server user can. some scripting engines may provide restrictions, but

Capital "s" on "some".

Joshua.


---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org