this isn't a unix/linux security hole, its an Apache issue. On Monday, April 22, 2002, at 04:40 PM, Bryan Housel wrote:
I love to hate *nix OS security holes.htaccess is an Apache feature... You could run Apache under Windows and the .htaccess files would still work the same way..