You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Jason Repik <jj...@hyperion.plk.af.mil> on 1997/04/03 00:30:01 UTC
mod_access/305: incorrect hostname lookup for allow/deny directives
>Number: 305
>Category: mod_access
>Synopsis: incorrect hostname lookup for allow/deny directives
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache (Apache HTTP Project)
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Apr 2 14:30:01 1997
>Originator: jjrepik@hyperion.plk.af.mil
>Organization:
apache
>Release: 1.2.7b
>Environment:
Solaris 2.5.1
gcc version 2.7.2.1.f.1
>Description:
I have setup our top level webdocs to accessible to the world.
In attempting to give per directory access to subdirectorys
to my subdomain with the allow/deny directives it would not work.
Here is the basic model I use:
<Directory /hyp1/web_docs/plasma>
<Limit GET>
order deny,allow
deny from all
allow from hyperion
</Limit>
</Directory>
When the allow directive was changed to .plk.af.mil I could
not access that directory from anywhere. When it was changed
to .cs.unm.edu, I could access it from machines in the .cs.unm.edu
subdomain and nowhere else. When I changed it to a specific
name of a machine in my subdomain, I could access it from that
machine. This leads me to believe that since the machine the
server is running on is hyperion.plk.af.mil that when it does
a hostname lookup it is only returning the short name of
hyperion therefore not showing the .plk.af.mil subdomain part
of the name and therefore not allowing access.
>How-To-Repeat:
>Fix:
>Audit-Trail:
>Unformatted:
Re: mod_access/305: incorrect hostname lookup for allow/deny directives
Posted by Marc Slemko <ma...@znep.com>.
What does your log show for the accesses from the local machine?
Are you saying the below example _does_ work or it _doesn't_ work? How
the hostnames are resolved (ie. fully qualified or not) is a function of
your OS and how it is configured.
On Wed, 2 Apr 1997, Jason Repik wrote:
>
> >Number: 305
> >Category: mod_access
> >Synopsis: incorrect hostname lookup for allow/deny directives
> >Confidential: no
> >Severity: serious
> >Priority: medium
> >Responsible: apache (Apache HTTP Project)
> >State: open
> >Class: sw-bug
> >Submitter-Id: apache
> >Arrival-Date: Wed Apr 2 14:30:01 1997
> >Originator: jjrepik@hyperion.plk.af.mil
> >Organization:
> apache
> >Release: 1.2.7b
> >Environment:
> Solaris 2.5.1
> gcc version 2.7.2.1.f.1
> >Description:
> I have setup our top level webdocs to accessible to the world.
> In attempting to give per directory access to subdirectorys
> to my subdomain with the allow/deny directives it would not work.
> Here is the basic model I use:
>
> <Directory /hyp1/web_docs/plasma>
> <Limit GET>
> order deny,allow
> deny from all
> allow from hyperion
> </Limit>
> </Directory>
>
> When the allow directive was changed to .plk.af.mil I could
> not access that directory from anywhere. When it was changed
> to .cs.unm.edu, I could access it from machines in the .cs.unm.edu
> subdomain and nowhere else. When I changed it to a specific
> name of a machine in my subdomain, I could access it from that
> machine. This leads me to believe that since the machine the
> server is running on is hyperion.plk.af.mil that when it does
> a hostname lookup it is only returning the short name of
> hyperion therefore not showing the .plk.af.mil subdomain part
> of the name and therefore not allowing access.
> >How-To-Repeat:
>
> >Fix:
>
> >Audit-Trail:
> >Unformatted:
>
>