-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On June 29, 2001 04:40 pm, Dee McKinney wrote:
I would like to see SuSE change the default /etc/httpd/httpd.conf from "-FollowSymLinks" to "+FollowSymLinks". This would help a lot of users.
Is there a good reason why it's not +FollowSymLinks as a default ?
Absolutely. You probably let web authors create files under your htdocs directory or their public_html directories. Imagine if one created a symlink to /etc or something. Your anonymous FTP server is set up in the same way. I'm glad that the secure option is default in SuSE. If you don't care about the security issues, you can change it yourself. It is better that the user knows the issue if they are vulnerable. - -- James Oakley Engineering - SolutionInc Ltd. joakley@solutioninc.com http://www.solutioninc.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7PNyL+FOexA3koIgRAvQJAJ9d7tY6q1uzj2Uj6VnodeWbY19GQwCffySf 0hjsOqKwwZtzY/yX6lRV2RU= =s02S -----END PGP SIGNATURE-----