On Mon, 24 Jun 2013 23:57:01 +0500 Ali Hasan Ghauri <alihasangha...@hotmail.com> wrote:
> It is Directory Listing (Apache) . An attacker can see the files > located in the directory and could potentially access files which > disclose sensitive information . This is by design. The smarter attacker would just download the website source in svn, https://svn.torproject.org/svn/website/trunk/. Like any smart company, we have no sensitive files on our websites. > Many websites pay bug bounty to researcher who report the bug yo > them . Can you ? Thanks for the hint, but as these aren't bugs, nothing to report here. In the future, please don't cross lists. Pick one and stick with it. Thanks. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk