Author: glen Date: Mon May 4 09:26:04 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- match only *.php for added security by avoiding multiple extensions match
http://isc.sans.org/diary.html?storyid=6139
---- Files affected:
packages/php:
php-mod_php.conf (1.9 -> 1.10)
---- Diffs:
================================================================
Index: packages/php/php-mod_php.conf
diff -u packages/php/php-mod_php.conf:1.9 packages/php/php-mod_php.conf:1.10
--- packages/php/php-mod_php.conf:1.9 Tue Feb 28 11:17:09 2006
+++ packages/php/php-mod_php.conf Mon May 4 11:25:59 2009
@@ -1,12 +1,22 @@
LoadModule php5_module modules/libphp5.so
<IfModule mod_php5.c>
-
-AddType application/x-httpd-php .php
-AddType application/x-httpd-php .php3
-AddType application/x-httpd-php .php4
-AddType application/x-httpd-php .php5
-AddType application/x-httpd-php .inc
-AddType application/x-httpd-php .phtml
-
+ <Files *.php>
+ AddType application/x-httpd-php .php
+ </Files>
+ <Files *.php3>
+ AddType application/x-httpd-php .php3
+ </Files>
+ <Files *.php4>
+ AddType application/x-httpd-php .php4
+ </Files>
+ <Files *.php5>
+ AddType application/x-httpd-php .php5
+ </Files>
+ <Files *.inc>
+ AddType application/x-httpd-php .inc
+ </Files>
+ <Files *.phtml>
+ AddType application/x-httpd-php .phtml
+ </Files>
</IfModule>
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/php/php-mod_php.conf?r1=1.9&r2=1.10&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
