> -----Ursprüngliche Nachricht----- > Von: Nick Kew > Gesendet: Mittwoch, 6. Dezember 2006 14:34 > An: [email protected]
> > In this instance, we need to work through how this relates to > relevant updates leading to the CHANGES file entry: > > core: Do not allow internal redirects like the DirectoryIndex of > mod_dir to circumvent the symbolic link checks imposed by > FollowSymLinks and SymLinksIfOwnerMatch. [Nick Kew, > Ruediger Pluem, > William Rowe] > > I'm struggling to find the relevant changes in SVN, and there are > no pointers in the relevant bug report PR#14206. I guess r423886 r425057 r425394 is what you are looking for. Furthermore I remember from the discussions on these changes that we should be very very cautious in changing this code as it is very security sensitive. Regards Rüdiger
