The following reply was made to PR suexec/1769; it has been noted by GNATS.
From: Dean Gaudet <[EMAIL PROTECTED]> To: Gary Shea <[EMAIL PROTECTED]> Cc: [EMAIL PROTECTED] Subject: Re: suexec/1769: suexec too limited -- need per-directory control, more permissive directory structures Date: Wed, 11 Feb 1998 17:43:36 -0800 (PST) On 6 Feb 1998, Gary Shea wrote: > ScriptAlias /htd2/cgi-bin /users/src/a13b3/htd2/cgi-bin > <Location /htd2/cgi-bin> > <Limit GET POST> > UserId shea > GroupId users > </Limit> > </Location> You definately want to lose the <Limit>/</Limit>. Well it will depend a bit on how you implemented things, but you almost never want those... because otherwise you're not protecting all methods. You probably just want: <Location ...> UserID shea GroupId users </Location> As for the patch, I think we're going to have to stick this in contrib for now because we're not at a point in either the 1.2 or 1.3 development cycle where we want to make such a large change to a very security sensitive feature. But thanks for contributing it. Dean
