You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by Quynh-Giao Tran <gi...@r2d2.ed.gov> on 1997/07/14 16:50:01 UTC

mod_auth-any/863: Server bypass .htaccess files authorization configuration in access.conf file.

>Number:         863
>Category:       mod_auth-any
>Synopsis:       Server bypass .htaccess files authorization configuration in access.conf file.
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Mon Jul 14 07:50:00 1997
>Originator:     giao@r2d2.ed.gov
>Organization:
apache
>Release:        apache-1.2.1
>Environment:
SunOS vader 5.5.1 Generic_103640-08 sun4u sparc, gcc-2.7.2.2 compiler.
>Description:
The serve bypass the authorization .htaccess file as well as the configuration
in the access.conf file.  The same configuration and .htaccess file works if 
configure in public_html directory.
>How-To-Repeat:
http://www2.ed.gov/Programs/setform/
>Fix:
No
>Audit-Trail:
>Unformatted: