www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From str...@physik3.gwdg.de
Subject Re: mod_access/2851: Are "order allow,deny" and "order mutual-failure" identical?
Date Fri, 14 Aug 1998 14:00:00 GMT
The following reply was made to PR mod_access/2851; it has been noted by GNATS.

From: strube@physik3.gwdg.de
To: apbugs@apache.org
Cc:  Subject: Re: mod_access/2851: Are "order allow,deny" and "order mutual-failure" identical?
Date: Fri, 14 Aug 1998 15:54:03 +0200

 I do not agree with this, based both on logic and on the program code:
 > No, "order allow,deny" and "order mutual-failure" are
 > not identical. If you use allow,deny access is granted
 > if the address is listed in the allow line, if it is
 > also on the deny line is irrelevant.
 This would imply that under "order allow,deny", the deny list is entirely
 irrelevant, since the initial state is FORBIDDEN. However, the code favors
 my first interpretation:
     if (a->order[method] == ALLOW_THEN_DENY) {
         ret = FORBIDDEN;
         if (find_allowdeny(r, a->allows, method))
             ret = OK;
         if (find_allowdeny(r, a->denys, method))
             ret = FORBIDDEN;
 Initially: FORBIDDEN; if found in a->allows: OK; if then found in a->denys,
 FORBIDDEN again. So where is my misunderstanding?
  Hans Werner Strube          strube@physik3.gwdg.de
  Drittes Physikalisches Institut,  Univ. Goettingen
  Buergerstr. 42-44,   D-37073 Goettingen,   Germany

View raw message