8 messages in com.mysql.lists.eventum-usersRe: Severe security problem with even...| From | Sent On | Attachments |
|---|---|---|
| Tim Uckun | 22 Feb 2006 13:29 | |
| Bryan Alsdorf | 22 Feb 2006 13:37 | |
| Lamont R. Peterson | 22 Feb 2006 13:55 | |
| Joao Prado Maia | 22 Feb 2006 14:13 | |
| Lamont R. Peterson | 22 Feb 2006 14:20 | |
| Walt Washburn | 22 Feb 2006 14:22 | |
| Joao Prado Maia | 22 Feb 2006 14:27 | |
| Lamont R. Peterson | 22 Feb 2006 15:02 |
| Subject: | Re: Severe security problem with eventum. |
|---|---|
| From: | Lamont R. Peterson (pere...@openbrainstem.net) |
| Date: | 02/22/2006 02:20:49 PM |
| List: | com.mysql.lists.eventum-users |
On Wednesday 22 February 2006 03:14pm, Joao Prado Maia wrote:
Bryan,
In Eventum 2.0 we will be changing the directory structure to locate logs, include files, etc in a directory not under the webroot. The current structure is in place to make Eventum easy to install.
You could also add a pre-made .htaccess file to the directories that shouldn't be visible to the Eventum distribution, and that would be a nice-to-have feature while 2.0 is not ready yet.
Some of us are wise enough to not AllowOverride. That's why I suggested using <Directory> and/or <Files> tags in the correct configuration file context (with <VirtualHost> for example).
-- Lamont R. Peterson <pere...@openbrainstem.net> Founder [ http://blog.openbrainstem.net/peregrine/ ] GPG Key fingerprint: 0E35 93C5 4249 49F0 EC7B 4DDD BE46 4732 6460 CCB5 ___ ____ _ _ / _ \ _ __ ___ _ __ | __ ) _ __ __ _(_)_ __ ___| |_ ___ _ __ ___ | | | | '_ \ / _ \ '_ \| _ \| '__/ _` | | '_ \/ __| __/ _ \ '_ ` _ \ | |_| | |_) | __/ | | | |_) | | | (_| | | | | \__ \ || __/ | | | | | \___/| .__/ \___|_| |_|____/|_| \__,_|_|_| |_|___/\__\___|_| |_| |_| |_| Intelligent Open Source Software Engineering [ http://www.OpenBrainstem.net/ ]