Hey, morons, don't drop people from the CC. Otherwise they'll never know what you're saying.
On Fri, Oct 31, 2003 at 03:07:26PM +0100, Lupe Christoph wrote: > Quoting Phillip Hofmeister <[EMAIL PROTECTED]>: > > > I believe your justification can be found: > > > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=218188 > > > I'm not saying I agree fully with it...but I do understand it... > > Given that some of the affected directives can be used in .htaccess > files, the potential for an ordinary user to exploit this is there. > This allows access to the user the Apache work processes run as. Not > much, but depending on local setup, this can be harmful. But if a malicious user has access to .htaccess, you're already fucked five ways from sunday. -- "It's not Hollywood. War is real, war is primarily not about defeat or victory, it is about death. I've seen thousands and thousands of dead bodies. Do you think I want to have an academic debate on this subject?" -- Robert Fisk -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
