Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 36960 invoked from network); 12 Aug 2005 02:22:38 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 12 Aug 2005 02:22:38 -0000 Received: (qmail 59713 invoked by uid 500); 12 Aug 2005 02:22:27 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 59502 invoked by uid 500); 12 Aug 2005 02:22:26 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 59489 invoked by uid 99); 12 Aug 2005 02:22:26 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 11 Aug 2005 19:22:26 -0700 X-ASF-Spam-Status: No, hits=0.4 required=10.0 tests=DNS_FROM_RFC_ABUSE X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [206.190.48.229] (HELO web52706.mail.yahoo.com) (206.190.48.229) by apache.org (qpsmtpd/0.29) with SMTP; Thu, 11 Aug 2005 19:22:46 -0700 Received: (qmail 57567 invoked by uid 60001); 12 Aug 2005 02:22:23 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=S+0VUSokJUyvDRzwXpUDqaCpTbJnLPsYQA7X5Nsx2HJKsVu103DmjlQwP27mvj1SjZetuC6EBmueNvdFmpmYtMwKM6TtPoWaUjqnPM65WlVSWCNM6buR+siiVB5Z7Hb4EHtUnROQwV9HJGPKt7SXRFCaOzg8QHb1qDOVs71HQ1s= ; Message-ID: <20050812022223.57565.qmail@web52706.mail.yahoo.com> Received: from [65.200.4.130] by web52706.mail.yahoo.com via HTTP; Thu, 11 Aug 2005 19:22:23 PDT Date: Thu, 11 Aug 2005 19:22:23 -0700 (PDT) From: Neelay Shah To: users@httpd.apache.org In-Reply-To: <42FBC760.4050407@queernet.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] Securing Apache configuration X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Well, there are some programs like "junction" available on sysinternals that supposedly make hard link equivalent on windows...and the point is the user can create a hard link to c:\ in his user dir. and it will expose the whole hard drive and that is why I am concerned about it...how to stop the web server from following ... Neelay --- "Roger B.A. Klorese " wrote: > Neelay Shah wrote: > > >So, if one of the users in his home directory > creates > >a hard link to C:/ there is no way I could > configure > >the web server to avoid following that hard > >link..following the link would display the contents > of > >the "C:/" > > > > > > > Hard links don't exist in Windows, do they? > > And on Linux and other Unixen they require suitable > permissions on the > object. > > --------------------------------------------------------------------- > The official User-To-User support forum of the > Apache HTTP Server Project. > See for > more info. > To unsubscribe, e-mail: > users-unsubscribe@httpd.apache.org > " from the digest: > users-digest-unsubscribe@httpd.apache.org > For additional commands, e-mail: > users-help@httpd.apache.org > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org