You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Aram Mirzadeh <aw...@qosina.com> on 1996/06/29 18:17:25 UTC
WWW Form Bug Report: "access restriction to proxy server?" on Linux (fwd)
-----BEGIN PGP SIGNED MESSAGE-----
Security concern for the proxy people... can you restrict get to the
proxy tempory directory for this?
No ack.
pp@opus5.de said:
> From nobody@hyperreal.com Fri Jun 28 06:53:22 1996
> Message-Id: <19...@taz.hyperreal.com>
> From: pp@opus5.de
> To: awm@qosina.com
> Date: Fri Jun 28 3:53:34 1996
> Subject: WWW Form Bug Report: "access restriction to proxy server?" on Linux
>
> Submitter: pp@opus5.de
> Operating system: Linux, version:
> Version of Apache Used: 1.1b2
> Extra Modules used: proxy
> URL exhibiting problem:
>
> Symptoms:
> --
> I can`t find a way to restrict access
> to an apache Server running exclusively
> as proxy Server. There is no directory from where
> down I would restrict access.
> And <Limit GET> by itself is not accepted.
>
> There is a serious security problem if someone
> from outside uses the internal proxy to gain access
> to internal documents which are access restricted
> by subnet/domain. :-(
> --
>
> Backtrace:
> --
>
> --
>
- --
Aram Mirzadeh
awm@qosina.com,awm@hyperreal.com
http://www.qosina.com/~awm/
PGP Key - http://www.qosina.com/~awm/pgpkey.html
BE 49 9D F6 2A A7 22 FC 02 E9 1E 3D F7 0C 67 A0
43rd Law of Computing:
Anything that can go wr
Segmentation violation -- Core dumped
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQB1AwUBMdUs5FWXWBJqmdlFAQHZPQMAzVn32o2PfaUnpgEuVkRGj7dJLyKvIohs
/HbBn7v6nYKNmSKBHiNUKfyL19sipDCbi6nvhhRHF/0UK2PEtVm+KOYioPRJshVX
QHn4D5OXMlufeRbY9hH7QrLj7MK3tKd0
=8VTo
-----END PGP SIGNATURE-----