jim 98/05/08 09:31:10
Modified: . STATUS
Log:
Have a patch which handles all the comments
about the ap_pcfg_openfile 'family'
Revision Changes Path
1.387 +2 -12 apache-1.3/STATUS
Index: STATUS
===================================================================
RCS file: /export/home/cvs/apache-1.3/STATUS,v
retrieving revision 1.386
retrieving revision 1.387
diff -u -r1.386 -r1.387
--- STATUS 1998/05/08 13:36:09 1.386
+++ STATUS 1998/05/08 16:31:09 1.387
@@ -20,18 +20,8 @@
* The DoS issue about symlinks to /dev/zero is still present.
A device checker patch had been sent to the list a while ago.
- PATCH: Make the code wrapped by unvoted_DISALLOW_DEVICE_ACCESS
- the default in ap_pcfg_openfile()
- Status: Martin +1, Jim +1
- Brian: This still doesn't fix it for htpasswd files...
- how about other files like the mime types file?
- Jim: It looks like it does fix it for htpasswd (assuming
- htpasswd files are accessed via get_pw()), and group
- files (assuming accessed by groups_for_user()), the
- mod_mime MIME-file, IMAP handler imap-file and digest
- password file. What others are we concerned about?
- Dean: ap_pcfg_openfile() should use pfopen() instead of
- fopen().
+ PATCH: <[EMAIL PROTECTED]>
+ Status: Jim +1
WIN32 1.3 FINAL RELEASE SHOWSTOPPERS:
