DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40217>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40217 Summary: mod_dav ignores access restrictions when listing the contents of a directory Product: Apache httpd-2 Version: 2.2.2 Platform: PC OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: mod_dav AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] I have the following block in my httpd.conf, outside of any Virtual Host directive: <FilesMatch "^\.(perms.xml|home.xml|htaccess|davaccess|htaccess.ssl|localUsers|localGroups|ftpaccess)$"> Order allow,deny Deny from all Satisfy All </FilesMatch> This block is intended to hide files that control access for apache and another app that reads the filesystem. When accessing the space using a web browser, all files matching the pattern above are hidden as expected. When using a DAV client such as WebDrive, the files are returned in the directory listing. This causes problems when attempting to copy a folder containing hidden files to a new location, as the DAV client is aware of the hidden file and tries to copy it. It seems like one or more dav permissions is not correctly limited in a general FilesMatch block, when in fact all permissions for both DAV and non-DAV access should be removed by the above block. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
