>Hi! >Someone often uploads files to /tmp and then executing in on the server with >webserver user priveleges. How to prevent it?
>Thanks, >G. One possibility is this: <Location /tmp > <Limit GET HEAD POST> Order Deny,Allow # Deny from All Allow from All </Limit> <LimitExcept GET HEAD POST> Order Deny,Allow Deny from all Allow from 127.0.0.1 </LimitExcept> </Location> The only one which can make than e.g. PUT /tmp/badcode.htm is than one from localost. Greets Oliver --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
<<winmail.dat>>
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]