[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Directory Indexing

Subject: [cobalt-security] Directory Indexing
From: "Terrance Dwyer" <td@xxxxxxxx>
Date: Wed, 6 Jun 2001 17:35:04 -0700
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I was under the impression that the default settings on a Raq disallowed
directory indexing
via http.  I thought the access.conf "directory, options, none" setting made
directory browsing "forbidden" on a Raq.  Yet I discovered recently that cgi
directories and others are readable on most web sites, but mysteriously, not
all of them.  That is, all permissions being equal. I've applied band aids
to prevent future access but I'm disturbed by this breach of security.

Any thoughts would be appreciated.

T. Dwyer

Follow-Ups:
- [cobalt-security] [RaQ3] Port Sentry
  - From: Sean Chester
- [cobalt-security] cgiwrap users
  - From: Dave Worth

Prev by Date: Re: [cobalt-security] proftpd-1.2.2rc1-C2 vulnerability?
Next by Date: [cobalt-security] [RaQ3] Port Sentry
Previous by thread: Re: [cobalt-security] proftpd-1.2.2rc1-C2 vulnerability?
Next by thread: [cobalt-security] [RaQ3] Port Sentry

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index