[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] AllowOverride None

Subject: RE: [cobalt-developers] AllowOverride None
From: "malcolm wild" <cobaltsec@xxxxxxxxxxx>
Date: Sun Feb 11 15:23:03 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

yep!
if you did this in the section marked for
.ht


anyone with a knowledge of .htaccess overrides can enable any features of
apache that they want, ie switch on PHP support for example.

ideally you should only ALLOW the functions that a required by your
client/service checkout apache.org for a list of all the overrides and what
they can/can't do, you'll be surprised how much you can override with a conf
setting of ALL!



-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Herb Rubin
Sent: 11 February 2001 20:46
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: [cobalt-developers] AllowOverride None


In my Raq 4, I noticed in access.conf

  AllowOverride None

so that disabled .htaccess files, I changed it to

  AllowOverride All

Is this a security hole?

Herb

--
Herb Rubin
Pathfinders Software
herbr@xxxxxxxxxxxx
www.pfinders.com
phone: 415 292-4935
fax:   415 292-4913



_______________________________________________
cobalt-developers mailing list
cobalt-developers@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-developers

Follow-Ups:
- RE: [cobalt-developers] AllowOverride None
  - From: Kal Amry
- RE: [cobalt-developers] AllowOverride None
  - From: baltimoremd

References:
- [cobalt-developers] AllowOverride None
  - From: Herb Rubin

Prev by Date: Re: [cobalt-developers] Sausilito
Next by Date: Re: [cobalt-developers] Corrupt Packages
Previous by thread: [cobalt-developers] AllowOverride None
Next by thread: RE: [cobalt-developers] AllowOverride None

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index