Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2004/02/06 17:15:55 UTC

Re: FileSystem v.s. Other Resources [was configurable Location?]

At 09:47 AM 2/6/2004, gregames@apache.org wrote:
>William A. Rowe, Jr. wrote:
>>At 12:17 PM 2/5/2004, Joshua Slive wrote:
>>
>>>>I do, however, agree that doing a directory-walk on virtual resources is
>>>>not nice.  But my opinion is that "virtualness" is a property of the
>>>>resource, and hence should be designated when selecting the resource.
>>>>That is why I suggested changing SetHandler rather than <Location>.
>>>
>>>And perhaps I'm going way off in left field here, but why should this be
>>>user-configurable at all?  Shouldn't the (for example) server-status
>>>handler know itself that it is a virtual handler, and therefore indicate
>>>that the directory-walk should be skipped?
>>
>>For example, yes.  But on the other hand, what prevents someone from
>>removing the server-status handler in the fixups phase and tricking us into
>>serving a file.
>
>sounds like we're getting into defense mechanisms against hypothetical malicious modules...  a losing battle IMO

Malice?  Nah, defending against badly written or inherently insecure modules.
But much more to the discussion at hand...

...will administrators grok when <Location virtual "/foo"> is a safe bet?  Will
it proliferate in example configurations in the wild, in unsafe ways?  I think
we can all presume it will.  Look at our frustrations with users that have
essentially open proxy configs, which they set up by following examples
that proliferate out there. 

Just playing defense here.

Bill