Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Basics: Re: Re[2]: Insecure handling of Apache restrictions?

Re: Re[2]: Insecure handling of Apache restrictions?

From: Mike Arnold <mike_at_midkaemia.fsnet.co.uk>
Date: Wed, 16 Oct 2002 00:24:27 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 15 Oct 2002 5:45 pm, Benoît Gauthier wrote:
> (2002.10.15, 12:44)
>
> >> Why? How can I circumvent this behaviour?
> >
> > Possibly by doing this.
> >
> > <Directory /home/user/public_html/>
> > AuthType Basic
> > AuthName "Please enter your user id and password."
> > AuthDBUserFile /home/user/public_html/controle
> > Require valid-user
> > </Directory>
>
> That would control access to all of http://blabla.ca/~user though,
> would it not?

Uhmm, yes. I'll have to rethink that one. Just re-read the original and seen
the bit I've missed. Interesting question. Unfortunately I have "broken" my
apache... so I can't check :( Sorry.

> Benoît

Mike

- --
        By three methods we may learn wisdom:
                First, by reflection, which is noblest;
                Second, by imitation, which is easiest;
                and third by experience, which is the bitterest.

                        --Confucius
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9rKO18EqADYNpcNQRAjSUAJsGKsNudMlx5wsxIUGrsRAZWbb2nQCfU99u
mKuNM74P42Rrg9wHNIotHpY=
=kU+d
-----END PGP SIGNATURE-----
Received on Oct 16 2002

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos