On Mon Mar 04 15:50 -0700, Vincent Danen wrote: > Apache works just *fine* without Indexes. And because it is, > potentially, a security hole (through inappropriate disclosure), the > end user should be forced to enable it where appropriate... which is > exactly the case.
Yes, but every case that I can think of where a security problem was caused by Indexes was in reality a case of putting a sensitive file in a web-accessible directory. The indexing itself is not a problem, imo. -- Levi Ramsey [EMAIL PROTECTED] [EMAIL PROTECTED] When it comes down to desperation, You make the best of your situation. Linux 2.4.17-20mdk 10:01pm up 7 days, 7:43, 16 users, load average: 0.24, 0.08, 0.02
