[prev in list] [next in list] [prev in thread] [next in thread]
List: subversion-issues
Subject: =?UTF-8?B?W0lzc3VlIDIxODJdICBFcnJvci9ub24tZXhpc3RhbnQgYXV0aCBmaQ==?=
From: maxb () tigris ! org
Date: 2004-12-27 23:10:46
Message-ID: 20041227231046.16383.qmail () tigris ! org
[Download RAW message or body]
http://subversion.tigris.org/issues/show_bug.cgi?id=2182
------- Additional comments from maxb@tigris.org Mon Dec 27 15:10:46 -0800 2004 -------
Summary:
The issue which is (slightly circumspectly) being described is:
A missing or unreadable authz file has insecure consequences.
I think the behaviour we should be implementing is:
A missing, unreadable or unparsable authz file
... causes apache configtest to fail.
... causes apache server startup to fail.
... occurring after server startup causes a deny-all authz policy to come into
effect.
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@subversion.tigris.org
For additional commands, e-mail: issues-help@subversion.tigris.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic