httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <>
Subject Re: v. 2.2 Documentation errors? (in mod/core.html#options and misc/security_tips.html#protectserverfiles)
Date Fri, 12 Dec 2008 21:22:37 GMT
On Fri, Dec 12, 2008 at 5:26 AM, Christopher Drost
<> wrote:
>> How do you get out from under / with a symlink?
> I don't understand the question. You don't "get out from under" the
> global root directory -- I'm not suggesting a break on chroot or
> something like that. You do get out from under the DocumentRoot. (You
> might even get out from a chroot applied to Mallory's account but not
> Apache's, if I understand the interplay of symlinks and chroot
> properly.)
> This Mallory can do as follows, if e.g. he has a site under
> mod_userdir. Mallory logs into his account and just types:
> ln -s / /home/mallory/public_html/root

You said <Directory />, which is not the document root or something
relative to a users home directory..   It's the root of the

Eric Covener

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message