From: "David Schwartz" <[EMAIL PROTECTED]> davids> > Richard add a -WWW option that makes available the files under the davids> > current directory. It's just a test tool, but still it should not davids> > allow anyone who can connect to the s_server port to obtain the davids> > contents of other local files; so we have to reject file names davids> > referencing directory "..". davids> davids> Don't think about what you have to reject, that will davids> screw you up completely. Think only in terms if what you wish davids> to allow. I guess that since this is a test tool, we allow everything except referencing the directory ".." :-). -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, Celo Communications: http://www.celocom.com/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: cvs commit: openssl/apps s_server.c
Richard Levitte - VMS Whacker Sun, 01 Apr 2001 06:12:24 -0700
- Re: cvs commit: openssl/apps s_server.c Ben Laurie
- Re: cvs commit: openssl/apps s_server.c Bodo Moeller
- RE: cvs commit: openssl/apps s_server.c David Schwartz
- Re: cvs commit: openssl/apps s_server.c Bodo Moeller
- Richard Levitte - VMS Whacker
