www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@apache.org
Subject Re: general/7866: every cgi script can read out the files with read access for all
Date Wed, 13 Jun 2001 21:42:32 GMT
[In order for any reply to be added to the PR database, you need]
[to include <apbugs@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or      ]
["Re: general/1098:").  If the subject doesn't match this       ]
[pattern, your message will be misfiled and ignored.  The       ]
["apbugs" address is not added to the Cc line of messages from  ]
[the database automatically because of the potential for mail   ]
[loops.  If you do not include this Cc, your reply may be ig-   ]
[nored unless you are responding to an explicit request from a  ]
[developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]

Synopsis: every cgi script can read out the files with read access for all

State-Changed-From-To: open-closed
State-Changed-By: marc
State-Changed-When: Wed Jun 13 14:42:31 PDT 2001
Setting file permissions is a function of the OS; by the 
very nature of what CGI is, Apache can't do anything about
it.  Apache can be run chrooted just fine using an external wrapper; it is up to the admin
to set it up that way if they so desire.

View raw message