[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Re: SSI Vuln on cobalt

Subject: Re: [cobalt-security] Re: SSI Vuln on cobalt
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Mon, 22 Apr 2002 19:46:58 +0200
Organization: SOLARSPEED.NET
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Jeff,

> How about the Cobalt buttons to turn on SSI and CGI?  Will they still
> work?  I haven't tried, but I don't think so; I think that your
> suggested "AllowOverride None" will keep them from working as well.

No, the buttons will still work, so you can toggle the SSI and CGI option for 
a website. However, the "AllowOverride None" will make sure that the user 
uploaded .htaccess files will no longer work. And the ones from Frontpage 
won't work either.

When you really need and want .htaccess to protect selected content, then you 
can add another directive into access.conf to allow .htaccess in that 
specific directory and its subdirectories.

-- 

Mit freundlichen Grüßen / With best regards

Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer

References:
- [cobalt-security] Re: SSI Vuln on cobalt
  - From: Chris Adams
- Re: [cobalt-security] Re: SSI Vuln on cobalt
  - From: Michael Stauber
- Re: [cobalt-security] Re: SSI Vuln on cobalt
  - From: Jeff Lasman

Prev by Date: [cobalt-security] Re: Re: SSI Vuln on cobalt
Next by Date: [cobalt-security] Re: SSI Vuln on cobalt
Previous by thread: Re: [cobalt-security] Re: SSI Vuln on cobalt
Next by thread: Re: [cobalt-security] Re: SSI Vuln on cobalt

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index