Ben Laurie <[EMAIL PROTECTED]>:
> Attempting to make URL to file translations safe is a tricky task. I
> suggest we don't even bother with s_server - why would we want to? It is
> a test/demo tool?
Richard add a -WWW option that makes available the files under the
current directory. It's just a test tool, but still it should not
allow anyone who can connect to the s_server port to obtain the
contents of other local files; so we have to reject file names
referencing directory "..".
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
