On 5 Jun 2009, at 12:27, Seema Alevoor wrote: > > On 06/05/09 15:42, Nick Kew wrote: >> On 5 Jun 2009, at 10:53, Seema Alevoor wrote: >>> Hi, >>> >>> Please review the changes for CR 6838652 >>> ( pre-configured printenv and testcgi can leak information to >>> network clients ) >>> at http://cr.opensolaris.org/~seema/6838652/ >> I really don't like that fix. >> Better for the default to forbid them to the outside world: > > Basically, the idea was to retain the default behaviour. > Apache installs them as non-executable.
Really? Well then, my criticism belongs upstream, and I withdraw my comment. -- Nick Kew
