Return-Path: Delivered-To: apmail-httpd-docs-archive@www.apache.org Received: (qmail 50494 invoked from network); 1 Oct 2008 16:02:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 1 Oct 2008 16:02:54 -0000 Received: (qmail 26735 invoked by uid 500); 1 Oct 2008 16:02:51 -0000 Delivered-To: apmail-httpd-docs-archive@httpd.apache.org Received: (qmail 26699 invoked by uid 500); 1 Oct 2008 16:02:51 -0000 Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: docs@httpd.apache.org List-Id: Delivered-To: mailing list docs@httpd.apache.org Received: (qmail 26688 invoked by uid 99); 1 Oct 2008 16:02:51 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Oct 2008 09:02:51 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of covener@gmail.com designates 66.249.92.169 as permitted sender) Received: from [66.249.92.169] (HELO ug-out-1314.google.com) (66.249.92.169) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 01 Oct 2008 16:01:50 +0000 Received: by ug-out-1314.google.com with SMTP id j3so1763996ugf.23 for ; Wed, 01 Oct 2008 09:02:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=5VcuSVZy99Tx4yVYUuXCpzTpzQBIjHEfFT6XHl0aYkg=; b=DE+qJwoabq4ZlZfFCZcqOXYRuvSjVD70vswqNb4iff04K2WCPuVeafP9vwQvNMzXlo 6RklA4bUhYUBZiOCXFdMCWYs1coeoSRrt/Jo6x9QHl83FQ8DcKAIViAIc/cUQOwznPZF YrQY7uKWSxi2V40hxkIvnXMvEeKoJ3fHh4uoY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=CYd/nFpJ/8Uu8YA+9KpPCCa0zzUzNegJZ7C1TKE0Wsj64tF3AZ6zIU8b4LRUrh17PJ uikAjhF1ymwMz30bxwm11PDrsEsPc35BVUEqeBY1yZAtoaRMeT3u1aLA2IbDaasb0ze2 TEu0wltZWZaq8UlAQcys44bGSLjXe4vuKN9NM= Received: by 10.67.115.2 with SMTP id s2mr2888439ugm.49.1222876933892; Wed, 01 Oct 2008 09:02:13 -0700 (PDT) Received: by 10.66.217.8 with HTTP; Wed, 1 Oct 2008 09:02:13 -0700 (PDT) Message-ID: <1404e5910810010902y131f9ff4h233b71c445634082@mail.gmail.com> Date: Wed, 1 Oct 2008 12:02:13 -0400 From: "Eric Covener" To: docs@httpd.apache.org Subject: Re: help for translation In-Reply-To: <48E2BD46.9010206@lucid.net.au> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <48E0E604.9050607@lorraine.iufm.fr> <48E2BD46.9010206@lucid.net.au> X-Virus-Checked: Checked by ClamAV on apache.org On Tue, Sep 30, 2008 at 7:59 PM, Jason Lingohr wrote: > On 30/09/2008 12:28 AM, Lucien GENTIS wrote: >> Hello to all, >> >> File trunk/manual/lod/core.xml - line 2298 about FollowSymLinks option. >> >> Could someone explain this sentence : >> >> "Omitting this option should not be considered a security restriction, >> since symlink testing is subject to race conditions that make it >> circumventable. >> > > The second part reads ok to me -- buffer overrun or memory allocation > exhaustion... but the "restriction" word seems odd. > > Should it perhaps be "should not be considered a security > (benefit|enhancement),..." Maybe "... security measure" Re: the 2nd part, AIUI the window between checking that a path component isn't a symlink then actually using the path component is what this is referring to, not some potential corruption issue in the server that would change the behavior. -- Eric Covener covener@gmail.com --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org For additional commands, e-mail: docs-help@httpd.apache.org