www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@locus.apache.org
Subject Re: mod_include/5702
Date Fri, 04 Feb 2000 19:09:59 GMT
Synopsis: security hole: SSI include virtual executes CGI

State-Changed-From-To: open->closed
State-Changed-By: marc
State-Changed-When: Fri Feb 4 11:09:33 PST 2000
State-Changed-Why: 
That is not a bug.  If you allow something to be executed as a CGI
by other means, you don't add any security problems by allowing that
to happen in a SSI; they could request the same thing directly.

Mime
View raw message