* Joe Orton wrote: > Enabling UserDir by default can allow remote users to determine whether > a given username is valid on the system or not, even if no users have a > public_html directory, from the difference between a 403 from a chmod > 700 /home/realuser and a 404 from not finding /home/nosuchuser. > > After a few iterations which did confuse people, we ended up using text > like this for the default Red Hat-packaged httpd.conf:
+1 (and don't forget the windows default config) nd -- Winnetous Erbe: <http://pub.perlig.de/books.html#apache2>
