Re: "Forbid" directive in core?

> On 27 Apr 2020, at 16:37, Eric Covener wrote: > > > Bumping a very old thread. tl;dr people are often surprised that when > Location sections have access control directives and overlap with the > filesystem it undoes the default > >Require all denied > We always warn against mixing

Re: "Forbid" directive in core?

On Mon, Apr 27, 2020 at 12:14 PM Yann Ylavic wrote: > > On Mon, Apr 27, 2020 at 5:37 PM Eric Covener wrote: > > > > Bumping a very old thread. tl;dr people are often surprised that when > > Location sections have access control directives and overlap with the > > filesystem it undoes the default

Re: "Forbid" directive in core?

On Mon, Apr 27, 2020 at 5:37 PM Eric Covener wrote: > > Bumping a very old thread. tl;dr people are often surprised that when > Location sections have access control directives and overlap with the > filesystem it undoes the default > > Require all denied > Thanks for pointing at this, I w

Re: "Forbid" directive in core?

On Mon, Apr 27, 2020 at 11:37 AM Eric Covener wrote: > On Sat, Sep 28, 2013 at 12:21 PM Tim Bannister > wrote: > > The second time in a few days, I'm going to suggest adding an optional > parameter to a directive. > > > > Taking a leaf out of cascading stylesheets, how about “Forbidden On > Leve

Re: "Forbid" directive in core?

On Sat, Sep 28, 2013 at 12:21 PM Tim Bannister wrote: > > On 28 Sep 2013, at 14:19, Eric Covener wrote: > > > I've come back to this because I've struggled in another area with > > access_checker vs. access_checker_ex. I really think we need basic access > > control outside of Require and Sati

Re: "Forbid" directive in core?

Am Samstag, 28. September 2013, 09:19:28 schrieb Eric Covener: > I've come back to this because I've struggled in another area with > access_checker vs. access_checker_ex. I really think we need basic > access control outside of Require and Satisfy. > > I have a copy of the "Forbidden" directive

Re: "Forbid" directive in core?

Am 28.09.2013 18:21, schrieb Tim Bannister: > On 28 Sep 2013, at 14:19, Eric Covener wrote: > >> I've come back to this because I've struggled in another area with >> access_checker vs. access_checker_ex. I really think we need basic access >> control outside of Require and Satisfy. >> >> I h

Re: "Forbid" directive in core?

On 28 Sep 2013, at 14:19, Eric Covener wrote: > I've come back to this because I've struggled in another area with > access_checker vs. access_checker_ex. I really think we need basic access > control outside of Require and Satisfy. > > I have a copy of the "Forbidden" directive in mod_authz_

Re: "Forbid" directive in core?

I've come back to this because I've struggled in another area with access_checker vs. access_checker_ex. I really think we need basic access control outside of Require and Satisfy. I have a copy of the "Forbidden" directive in mod_authz_core and I am currrently allowing ON/OFF flags. * using a n

Re: "Forbid" directive in core?

On Monday 10 June 2013, Plüm, Rüdiger, Vodafone Group wrote: > > > I'd like to add an immutable Forbid directive to the core and > > > use it in some places in the default configuration instead of > > > "require all denied". > > > > > > http://people.apache.org/~covener/forbid.diff > > > > > > Th

Re: "Forbid" directive in core?

On Monday 10 June 2013, Tim Bannister wrote: > On 10 Jun 2013, at 15:17, Graham Leggett wrote: > > On 10 Jun 2013, at 3:35 PM, Eric Covener wrote: > >> I'd like to add an immutable Forbid directive to the core and > >> use it in some places in the default configuration instead of > >> "require a

Re: "Forbid" directive in core?

> Why indeed in core? Started there because that's where AccessFileName lives.

Re: "Forbid" directive in core?

On 10 Jun 2013, at 15:17, Graham Leggett wrote: > On 10 Jun 2013, at 3:35 PM, Eric Covener wrote: > >> I'd like to add an immutable Forbid directive to the core and use it in some >> places in the default configuration instead of "require all denied". >> >> http://people.apache.org/~covener/fo

Re: "Forbid" directive in core?

On 10 Jun 2013, at 3:35 PM, Eric Covener wrote: > I'd like to add an immutable Forbid directive to the core and use it > in some places in the default configuration instead of "require all > denied". > > http://people.apache.org/~covener/forbid.diff > > This protects from a broad supercedes Di

RE: "Forbid" directive in core?

> -Original Message- > From: Nick Kew [mailto:n...@webthing.com] > Sent: Montag, 10. Juni 2013 16:02 > To: dev@httpd.apache.org > Subject: Re: "Forbid" directive in core? > > > On 10 Jun 2013, at 14:35, Eric Covener wrote: > > > I'd

Re: "Forbid" directive in core?

On 10 Jun 2013, at 14:35, Eric Covener wrote: > I'd like to add an immutable Forbid directive to the core and use it > in some places in the default configuration instead of "require all > denied". > > http://people.apache.org/~covener/forbid.diff > > This protects from a broad supercedes Dire

Re: "Forbid" directive in core?

On 10 Jun 2013, at 14:35, Eric Covener wrote: > I'd like to add an immutable Forbid directive to the core and use it in some > places in the default configuration instead of "require all denied". > > http://people.apache.org/~covener/forbid.diff > > This protects from a broad Directory/Files.

"Forbid" directive in core?

I'd like to add an immutable Forbid directive to the core and use it in some places in the default configuration instead of "require all denied". http://people.apache.org/~covener/forbid.diff This protects from a broad