https://issues.apache.org/bugzilla/show_bug.cgi?id=47435
Summary: mod_authz_host does reading of /etc/hosts on each
request
Product: Apache httpd-2
Version: 2.2.11
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P3
Component: mod_auth
AssignedTo: [email protected]
ReportedBy: [email protected]
CC: [email protected]
It looks to me like that config like so:
<Directory /my/dir>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Directory>
causes apache to read /etc/hosts on every request in the specified directory.
I didn't expect that IP-address-based ACLs would require a "double reverse"
lookup (as is very nicely documented for hostname-based ACLs).
Two notes about bugzilla itself:
* I think this is specific to mod_authz_host but I don't see that in the
component list.
* Was not clear to me which is the highest priority P1 or P5. I think this
should probably be the lowest or 2nd lowest priority. A note on priority here:
https://issues.apache.org/bugzilla/page.cgi?id=bug-writing.html
would help.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
