From: Lucien GENTIS
Date: Thu, 02 Oct 2008 18:18:26 +0200
To: docs@httpd.apache.org
Subject: Re: help for translation

Eric Covener wrote:
> On Tue, Sep 30, 2008 at 7:59 PM, Jason Lingohr wrote:
>
>> On 30/09/2008 12:28 AM, Lucien GENTIS wrote:
>>
>>> Hello to all,
>>>
>>> File trunk/manual/lod/core.xml - line 2298 about FollowSymLinks option.
>>>
>>> Could someone explain this sentence:
>>>
>>> "Omitting this option should not be considered a security restriction,
>>> since symlink testing is subject to race conditions that make it
>>> circumventable."
>>>
>> The second part reads ok to me -- buffer overrun or memory allocation
>> exhaustion... but the "restriction" word seems odd.
>>
>> Should it perhaps be "should not be considered a security
>> (benefit|enhancement),..."
>>
>
> Maybe "... security measure"
>
> Re: the 2nd part, AIUI the window between checking that a path
> component isn't a symlink then actually using the path component is
> what this is referring to, not some potential corruption issue in the
> server that would change the behavior.
>

Thanks for all the answers; yet I understand the sentence this way:

"Omitting this option should not be considered a security enhancement, because the time while testing symlinks can be subject to race conditions and so the security measure taken by omitting this option can be circumvented."

Am I right?
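
The window between checking a path component and using it, discussed in this thread, shown as an added example (not part of the original messages and not httpd code). The hook, the file names and the scratch directory are constructed; the hook stands in for another process acting inside the window.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

typedef void (*window_hook)(const char *path);   /* hypothetical: activity inside the window */

/* Check-then-use: lstat() sees a regular file, open() follows whatever is there later. */
int open_check_then_use(const char *path, window_hook hook) {
    struct stat st;
    if (lstat(path, &st) != 0 || S_ISLNK(st.st_mode)) return -1;
    if (hook) hook(path);                         /* the race window */
    return open(path, O_RDONLY);
}

/* Check-at-use: O_NOFOLLOW makes the kernel reject a symlink in the final
 * component as part of the open itself, so no window exists between check
 * and use. Earlier path components are not covered by this flag. */
int open_no_follow(const char *path, window_hook hook) {
    if (hook) hook(path);                         /* a swap at any moment before the open */
    return open(path, O_RDONLY | O_NOFOLLOW);
}

static char other[64];                            /* constructed file outside the checked path */
static void swap_for_symlink(const char *path) {  /* constructed stand-in for a concurrent process */
    unlink(path);
    if (symlink(other, path) != 0) perror("symlink");
}

/* Returns 1 if the open ended up reading the other file, 0 if it was refused. */
int reached_other_file(int use_no_follow) {
    char dir[] = "/tmp/symrace.XXXXXX", path[64], buf[8] = {0};
    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof path, "%s/page.html", dir);
    snprintf(other, sizeof other, "%s/other.txt", dir);
    FILE *f = fopen(path, "w");  if (!f) return -1; fputs("page", f);  fclose(f);
    f = fopen(other, "w");       if (!f) return -1; fputs("other", f); fclose(f);
    int fd = use_no_follow ? open_no_follow(path, swap_for_symlink)
                           : open_check_then_use(path, swap_for_symlink);
    int hit = fd >= 0 && read(fd, buf, 5) == 5 && strcmp(buf, "other") == 0;
    if (fd >= 0) close(fd);
    unlink(path); unlink(other); rmdir(dir);
    return hit;
}

int main(void) {
    printf("check-then-use reached other file: %d\n", reached_other_file(0));
    printf("O_NOFOLLOW     reached other file: %d\n", reached_other_file(1));
    return 0;
}
```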