Return-Path: 
 <users-return-95895-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 97409 invoked from network); 8 Jul 2010 06:30:24 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 8 Jul 2010 06:30:24 -0000
Received: (qmail 55140 invoked by uid 500); 8 Jul 2010 06:30:21 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 54900 invoked by uid 500); 8 Jul 2010 06:30:17 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 54891 invoked by uid 99); 8 Jul 2010 06:30:16 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jul 2010 06:30:16 +0000
X-ASF-Spam-Status: No, hits=3.2 required=10.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL
X-Spam-Check-By: apache.org
Received-SPF: softfail (nike.apache.org: transitioning domain of
 james@linux-source.org does not designate 209.85.160.45 as permitted sender)
Received: from [209.85.160.45] (HELO mail-pw0-f45.google.com) (209.85.160.45)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 08 Jul 2010 06:30:08 +0000
Received: by pwi2 with SMTP id 2so665856pwi.18
        for <users@httpd.apache.org>; Wed, 07 Jul 2010 23:28:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.142.213.13 with SMTP id l13mr9667108wfg.174.1278570526538;
	Wed, 07 Jul 2010 23:28:46 -0700 (PDT)
Received: by 10.142.186.1 with HTTP; Wed, 7 Jul 2010 23:28:46 -0700 (PDT)
Date: Thu, 8 Jul 2010 14:28:46 +0800
Message-ID: <AANLkTin6Oy4N9GLSlv5pIVIS2c4j6l2IIcVBwghsQpTK@mail.gmail.com>
From: James Corteciano <james@linux-source.org>
To: users@httpd.apache.org
Content-Type: multipart/alternative; boundary=000e0cd2e7420dff38048ada66af
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] AllowOverride: Pros and Cons

--000e0cd2e7420dff38048ada66af
Content-Type: text/plain; charset=ISO-8859-1

Hi All,

I would like to hear your idea's of what are the pros and cons if I will set
a specific directive-type for AllowOverride like AuthConfig,
FileInfo,Indexes, Limit, and Options?

I am just concern about security matters that will produce if I will give
the user full access on .htaccess (AllowOverride All) on their webroot?

Thanks.
James

--000e0cd2e7420dff38048ada66af
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

Hi All,<div><br></div><div>I would like to hear your idea&#39;s of what are=
 the pros and cons if I will set a specific directive-type for AllowOverrid=
e like=A0AuthConfig, FileInfo,Indexes, Limit, and Options?</div><div><br></=
div>
<div>I am just concern about security matters that will produce if I will g=
ive the user full access on .htaccess (AllowOverride All) on their webroot?=
</div><div><br></div><div>Thanks.</div><div>James</div>

--000e0cd2e7420dff38048ada66af--