[prev in list] [next in list] [prev in thread] [next in thread]
List: php-general
Subject: RE: [PHP] Symbolic link fails when User Authentication comes in
From: "david klein" <davidklein101 () hotmail ! com>
Date: 2001-01-31 20:04:14
[Download RAW message or body]
Johnny,
It works, but how could this create a security hole? Could you please
expalin a little bit more?
Thanks,
David
>From: "johnny p." <johnny@gameloop.com>
>To: "david klein" <davidklein101@hotmail.com>, <php-general@lists.php.net>
>Subject: RE: [PHP] Symbolic link fails when User Authentication comes in
>Date: Wed, 31 Jan 2001 13:54:22 -0600
>
>Add the FollowSymLinks to your httpd.conf file for that directory. I
>don't recommend doing this, tho, since it *is* a security hole.
>
> <Directory /apps/apache/docs/test1>
> Options Indexes FollowSymLinks
> </Directory>
>
>johnny p.
>
> > -----Original Message-----
> > From: david klein [mailto:davidklein101@hotmail.com]
> > Sent: Wednesday, January 31, 2001 1:43 PM
> > To: php-general@lists.php.net
> > Subject: [PHP] Symbolic link fails when User Authentication comes in
> >
> >
> > I am using Apache user authentication, and it works fine.
> > However, if there
> > is a symbolic link inside a securied directory, the symbolic
> > linked file
> > will deny any access.
> >
> > For example, directory "/apps/apache/docs/test1" is a
> > securied directory,
> > and there is a symbolic linked file "file1.txt", after you
> > logged into
> > directory "/apps/apache/docs/test1" and try to access
> > "file1.txt", you will
> > be denied for the access?
> >
> > Does anyone have any idea?
> >
> > Thanks,
> > David
> > _________________________________________________________________
> > Get your FREE download of MSN Explorer at http://explorer.msn.com
> >
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, e-mail: php-general-unsubscribe@lists.php.net
> > For additional commands, e-mail: php-general-help@lists.php.net
> > To contact the list administrators, e-mail:
> > php-list-admin@lists.php.net
> >
> >
>
>
>--
>PHP General Mailing List (http://www.php.net/)
>To unsubscribe, e-mail: php-general-unsubscribe@lists.php.net
>For additional commands, e-mail: php-general-help@lists.php.net
>To contact the list administrators, e-mail: php-list-admin@lists.php.net
>
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: php-general-unsubscribe@lists.php.net
For additional commands, e-mail: php-general-help@lists.php.net
To contact the list administrators, e-mail: php-list-admin@lists.php.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic