> Hi. How come latest mathopd versions (from 1.4 I think) don't support > the Symlinks directive?
It is impossible to implement this securely. Symlink checking works as follows (grossly simplified) 1 lstat() a file if it is a symbolic link, refuse the request, otherwise 2 open it The problem is that there is a window of time between (1) and (2) during which a malicious user can change a file into a symbolic link and thus bypass the check. If you are really concerned about security I would recommend you run the server in a chroot environment (using RootDirectory.) HTH Cheers Michiel
