On Thursday 07 of April 2005 11:23, [EMAIL PROTECTED] wrote: > the htaccess from phpmyadmin "enable" extension and > access. Thus it override the ones in the apache.conf. > > It looks quite dangerous security wise. Could the overlapping > parameters (order, allow mostly) be removed from one of the file > ?
You're probably right, the /etc/phpmyadmin/htaccess file shouldn't override global configuration but I don't understand why it might be so dangerouse. At least it is the conffile which can be modified by administrator. > > Regards > Alban > > PS: i have looked around for why phpmyadmin add a symlink in > /var/www (which could nfs mounted from another server > theorically ). /var being for data my opinion is that /var/www > is an artefact from the days when there was only static http to feed the > server .(it is also not part of the FHS being replaced by /srv > that most admin named /data before or used /home/http/) .It > could be removed from future distributions ... > Again is there a place to discuss such matters ? I think the best place shoud be [EMAIL PROTECTED] -- .''`. Piotr Roszatycki, Netia SA : :' : mailto:[EMAIL PROTECTED] `. `' mailto:[EMAIL PROTECTED] `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]