>Number: 305 >Category: mod_access >Synopsis: incorrect hostname lookup for allow/deny directives >Confidential: no >Severity: serious >Priority: medium >Responsible: apache (Apache HTTP Project) >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Apr 2 14:30:01 1997 >Originator: [EMAIL PROTECTED] >Organization: apache >Release: 1.2.7b >Environment: Solaris 2.5.1 gcc version 2.7.2.1.f.1 >Description: I have setup our top level webdocs to accessible to the world. In attempting to give per directory access to subdirectorys to my subdomain with the allow/deny directives it would not work. Here is the basic model I use:
<Directory /hyp1/web_docs/plasma> <Limit GET> order deny,allow deny from all allow from hyperion </Limit> </Directory> When the allow directive was changed to .plk.af.mil I could not access that directory from anywhere. When it was changed to .cs.unm.edu, I could access it from machines in the .cs.unm.edu subdomain and nowhere else. When I changed it to a specific name of a machine in my subdomain, I could access it from that machine. This leads me to believe that since the machine the server is running on is hyperion.plk.af.mil that when it does a hostname lookup it is only returning the short name of hyperion therefore not showing the .plk.af.mil subdomain part of the name and therefore not allowing access. >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted:
