On Fri, 24 May 2002, Henk P. Penning wrote: > -- I think requiring 'AllowOverride all' is wrong, > because of the security implications. > It shouldn't even be considered. > If the requirement stays, many mirrors will give up. > > -- The current settings place some limits on the > de developpers (httpd, xml, etc) but they are > not unreasonable.
Ok. I went back to AllowOverride FileInfo Indexes. In reality, the AllowOverride directive is not really flexible enough. By removing "Options", I'm preventing CGI scripts and SSI pages, but we can still access filters and handlers through FileInfo. Ah well. Joshua.
