www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sl...@apache.org
Subject Re: mod_auth-any/7699: .htaccess is using /etc/passwd as AuthUserFile despite definition in .htaccess file
Date Fri, 11 May 2001 04:24:59 GMT
[In order for any reply to be added to the PR database, you need]
[to include <apbugs@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]


Synopsis: .htaccess is using /etc/passwd as AuthUserFile despite definition in .htaccess file

State-Changed-From-To: open-closed
State-Changed-By: slive
State-Changed-When: Thu May 10 21:24:57 PDT 2001
State-Changed-Why:

Please download and compile Apache directly from
http://www.apache.org/dist/

Apache as distributed from this site never has and
never will authenticate out of /etc/passwd.  However,
some hacked versions of Apache distributed by other
vendors may do this.  In particular, I have seen reports
of the Cobalt Cube version of Apache being modified to
authenticate from /etc/passwd.

Thanks for using Apache!



Mime
View raw message