[1096] in WWW Security List Archive
Re: Unix links subverting Web security
daemon@ATHENA.MIT.EDU (Lincoln D. Stein)
Mon Oct 30 19:57:14 1995
Date: Mon, 30 Oct 1995 14:11:51 -0500
To: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif )
From: lstein@genome.wi.mit.edu (Lincoln D. Stein)
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
>>Don't forget that remote users can view .htaccess with ease just by asking
>>for the URL!
>>
>> http://your-site/.htaccess
>
>No, you have 2 different directories for documents (def: htdocs) and
>conf (def: conf) - at least with ncsa-httpd and derivates
Yes, this is the better way to do it, but a lot of people use the alternate
per-directory file method.
========================================================================
Lincoln Stein, M.D.,Ph.D. lstein@genome.wi.mit.edu
Director: Informatics Core
MIT Genome Center (617) 252-1916
Whitehead Institute for Biomedical Research (617) 252-1902 FAX
One Kendall Square
Cambridge, MA 02139
=================http://www-genome.wi.mit.edu/~lstein====================
