DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40217>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40217 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |RESOLVED Resolution| |INVALID ------- Additional Comments From [EMAIL PROTECTED] 2006-08-09 21:15 ------- (In reply to comment #2) > I disagree that FilesMatch is not intended to hide files, mod_autoindex does > not In order to prevent files from showing up in a mod_autoindex listing and thus hiding them, you should use IndexIgnore. I guess it is just because mod_autoindex fails to detect the mime type of the file that it does not display it. But this not really intentional. > display files that match the above patter. Moreover, you get a "403 Forbidden" > when trying to read a file that matches the FilesMatch pattern from any web In this case you try to access the file itself. That is what filesmatch prevents and should prevent. This is also prevented in the dav case. You can *see* the files in Webdrive but you *cannot* access them. > browser. Again, everything *but* DAV honors the FilesMatch directive as specified. What do you mean by everything? I see only mod_autoindex and the behaviour there is not intentional. > > Anyway, if you don't think FilesMatch should be used in this way, how would > you > suggest preventing a DAV client from seeing access control files? This is not possible. Again think of the Unix filesystem permissions here. If you want to prevent someone from *seeing* files in a directory you have to revoke read permissions on this directory. The same is true for mod_dav. Seeing a file is not a property or permission of the file, but of the directory or better the collection in the dav case. But of course you can prevent people from accessing the access control files via filesmatch. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
