You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by hu...@apache.org on 2012/07/30 15:31:29 UTC

svn commit: r1367081 - /httpd/httpd/trunk/docs/manual/mod/mod_lua.xml

Author: humbedooh
Date: Mon Jul 30 13:31:28 2012
New Revision: 1367081

URL: http://svn.apache.org/viewvc?rev=1367081&view=rev
Log:
Add a security notice about using mod_lua on shared hosting.

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_lua.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_lua.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_lua.xml?rev=1367081&r1=1367080&r2=1367081&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_lua.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_lua.xml Mon Jul 30 13:31:28 2012
@@ -47,6 +47,13 @@ Until it is declared stable, usage and b
 at any time, even between stable releases of the 2.4.x series.
 Be sure to check the CHANGES file before upgrading.</note>
 
+<note type="warning"><title>Warning</title>
+<p>This module holds a great deal of power over httpd, which is both a 
+strength and a potential security risk. It is <b>not</b> recommended 
+that you use this module on server that is shared with users you do not 
+trust, as it can be abused to change the internal workings of httpd.</p>
+</note>
+
 </summary>
 
 <section id="basicconf"><title>Basic Configuration</title>