I was under the impression that the default settings on a Raq disallowed directory indexing via http. I thought the access.conf "directory, options, none" setting made directory browsing "forbidden" on a Raq. Yet I discovered recently that cgi directories and others are readable on most web sites, but mysteriously, not all of them. That is, all permissions being equal. I've applied band aids to prevent future access but I'm disturbed by this breach of security. Any thoughts would be appreciated. T. Dwyer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
