[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Re: RewriteEngine not allowed here .htaccess

Subject: Re: [cobalt-users] Re: RewriteEngine not allowed here .htaccess
From: Larry Smith <lesmith@xxxxxxxxx>
Date: Fri Mar 15 13:51:02 2002
Organization: ECSIS.NET
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

INRE [cobalt-users] Re: RewriteEngine not allowed here .htaccess:
> access.conf file needs this added so the RewriteEngine has permission to
> work in the virtual servers you give permission to here.
>
> <Directory /home/sites/siteXX>
> AllowOverride All
> Options All
> </Directory>

  Maybe it is just me, but this reminds me of the comment "the operation was 
a success, but the patient died......

  Possibly you are un-aware that overide all and options all means that 
anyone who has access to a web site where this is done, can now use 
"symbolic" links to point to anything in your system and display it on their 
web ???  Or even add server-side includes to display the password file and 
such ???

  Just curious.....

Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx

References:
- [cobalt-users] Re: RewriteEngine not allowed here .htaccess
  - From: DeSign Co. - The web Pro's

Prev by Date: [cobalt-users] Re: RewriteEngine not allowed here .htaccess
Next by Date: Re: [cobalt-users] I AM IN TROUBLE AND CANT RESOLVE IT
Previous by thread: [cobalt-users] Re: RewriteEngine not allowed here .htaccess
Next by thread: [cobalt-users] mrtg error

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index