httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 57777] Security concerns with documentation of AddHandler (and multiple file extensions)
Date Fri, 15 Jan 2016 06:03:24 GMT
https://bz.apache.org/bugzilla/show_bug.cgi?id=57777

--- Comment #1 from Luca Toscano <toscano.luca@gmail.com> ---
Definitely something to change, injecting files and then get them executed is
not really good. I really hope that in 2016 few people are still using mod_cgi,
but improving the documentation is always a good thing.

I am not an expert though about the correct settings to secure a configuration
like this one (except careful validation of the files received and Options
-ExecCGI in the appropriate folders), do you have any suggestion to speed up
the resolution of the bug?

Thanks!

Luca

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org


Mime
View raw message