You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jw...@apache.org on 2002/08/05 22:41:43 UTC
cvs commit: httpd-2.0/docs/manual/mod mod_info.html.en
jwoolley 2002/08/05 13:41:43
Modified: docs/manual/mod mod_info.html.en
Log:
update transform
Revision Changes Path
1.6 +8 -0 httpd-2.0/docs/manual/mod/mod_info.html.en
Index: mod_info.html.en
===================================================================
RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_info.html.en,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -u -r1.5 -r1.6
--- mod_info.html.en 2 Aug 2002 04:35:22 -0000 1.5
+++ mod_info.html.en 5 Aug 2002 20:41:42 -0000 1.6
@@ -43,6 +43,14 @@
files, including <em>per</em>-directory files (<em>e.g.</em>,
<code>.htaccess</code>). This may have security-related
ramifications for your site.</p>
+
+ <p>In particular, this module can leak sensitive information
+ from the configuration directives of other Apache modules such as
+ system paths, usernames/passwords, database names, etc. Due to
+ the way this module works there is no way to block information
+ from it. Therefore, this module should ONLY be used in a controlled
+ environment and always with caution.</p>
+
</td></tr></table></blockquote>
<h2>Directives</h2><ul><li><a href="#addmoduleinfo">AddModuleInfo</a></li></ul><hr><h2><a name="AddModuleInfo">AddModuleInfo</a> <a name="addmoduleinfo">Directive</a></h2><table cellpadding="1" cellspacing="0" border="0" bgcolor="#cccccc"><tr><td><table bgcolor="#ffffff"><tr><td nowrap="nowrap"><strong>Description:
</strong></td><td>Allows additional information to be added to the module