[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Re: RE: SSI Vuln on cobalt
- Subject: [cobalt-security] Re: RE: SSI Vuln on cobalt
- From: Chris Adams <cmadams@xxxxxxxxxx>
- Date: Mon, 22 Apr 2002 14:04:05 -0500
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Once upon a time, Jeff Lasman <jblists@xxxxxxxxxxxxx> said:
> Easy way, as I mentioned in an earlier reply, install a root-owned
> .htaccess file in the /web folder. Then your site-admin won't be able
> to upload one.
And, as others and I mentioned, that doesn't work. All the site admin
has to do is delete your root-created .htaccess file or create a
subdirectory.
--
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.