In version 2.0.x (latest), is very important bug security. When option followsymlinks and symlinksifownermatrch are disabled, there is another way to use symlinks on linux. There is:
I created directory in document root (documentroot=/home/apachedata/htdocs): mkdir directory1 then i create a symlinks, wchich names is the name of file in Directory index (for example index.html) ln -s /etc/passwd index.html Then in browser i put: http://hostname/directory1 and i see the passwd file i browser. If i put http://hostname/directory1/index.html then this security problem is not exist. Please reapir this error(bug), and email me when it is repaired. Sorry for my English. -- Marcin Zawadzki, http://ftims.pl/~marcin/ GPG: 4096D/81DFA928 6C5C F525 8CAA 2A20 B878 C248 08FE 060C 81DF A928
