> Well then perl is a security hole. You should probably delete it.
Matt, if you allow ExecCGI in any directory in the document tree,
including those owned by ordinary users then you are exposing yourself to
a terrible security risk! You should turn it off immediately!!
But I'm kind of guessing you don't :-)
I'm guessing that you, like the rest of us, restrict the ability to write
those files to a limited set of system personnel but allow ordinary users
to write HTML/XML files.
The *valid* comparison is with the 'include' directive in mod_exec which
tries not to allow access to files outside the document tree. It:
1. respects .htaccess permissions.
2. refuses to allow either absolute pathnames or those starting
with '../'
3. allows a 'virtual' value which is treated as a URL.
Which is roughly how I say axkit should behave. Having file:// urls allows
someone with partial access to the system (say an exported subdirectory of
the document root) to leverage their permissions to get axkit to look at
other parts of the host's directory tree.
> It does do that. That was the whole problem in this thread. The bug that
> Markus is stuck with is a bug in nsgmls, not in AxKit (modulo the problem
> with relative URIs he's seeing).
Maybe I'm doing something wrong (I'm very new to xml). If I have an XML
file starting:
<?xml version="1.0"?>
<!DOCTYPE localdoc SYSTEM "/usr/local/share/sgml/dtd/local/localdoc.dtd" [
]>
<?xml-stylesheet href="/xml/localdoc.xsl" type="text/xsl"?>
Then my apache logs complain about a missing 'usr' directory in the
directory where the xml file lives, not the document root. I would
appreciate advice on how to properly specify the file.
John
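
The path policy listed in the message above (no absolute pathnames, no '../', a 'virtual' value treated as a URL, no file:// URLs), sketched as an added example that is not part of the original post and is not AxKit or Apache code. The names `resolve_reference` and `RefusedReference` and the sample paths are hypothetical, and the .htaccess permission check is left out.

```python
import posixpath
from urllib.parse import unquote, urlsplit


class RefusedReference(ValueError):
    """Raised when a reference must not be followed."""


def resolve_reference(ref, doc_root, base_dir, virtual=False):
    """Return the path under doc_root that `ref` names, or raise.

    ref      -- SYSTEM identifier or stylesheet href taken from the document
    doc_root -- absolute path of the server's document root
    base_dir -- absolute directory of the document containing `ref`
    virtual  -- True: treat `ref` as a URL path ("/x" means doc_root/x)
    """
    parts = urlsplit(ref)
    if parts.scheme or parts.netloc:
        # Covers file://, http:// and //host/path alike.
        raise RefusedReference(f"scheme or host not allowed: {ref!r}")
    path = unquote(parts.path)  # decode %2e%2e before looking for '..'
    if not path or "\x00" in path:
        raise RefusedReference(f"empty or malformed reference: {ref!r}")

    if virtual:
        # URL semantics: a leading '/' is the document root, not the disk root.
        start = doc_root if path.startswith("/") else base_dir
        candidate = posixpath.join(start, path.lstrip("/"))
    else:
        if path.startswith("/"):
            raise RefusedReference(f"absolute pathname: {ref!r}")
        if ".." in path.split("/"):
            raise RefusedReference(f"parent-directory segment: {ref!r}")
        candidate = posixpath.join(base_dir, path)

    # Lexical containment check; a deployment would also compare
    # os.path.realpath() results so symlinks cannot escape the root.
    root = posixpath.normpath(doc_root)
    resolved = posixpath.normpath(candidate)
    if resolved != root and not resolved.startswith(root + "/"):
        raise RefusedReference(f"outside document root: {ref!r}")
    return resolved
```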