Apache 2.0.54-4 on Debian Sid.
I have a setup with the document root with no access, but then I allow
access to individual subdirectories (normally via basic auth).
Say foo is one of those sub-directories and DocRoot is
/var/lib/projects.
So a request for:
GET http://bumby:88/foo/env.cgi/other/foo
results in this message in the error log:
[error] .. client denied by server configuration: /var/lib/projects/other
If I enable access to the doc root then this error doesn't show up.
It's interesting that only the first extra path segment is used
("other", but not that last "foo").
Can someone explain this behavior?
Here's my complete httpd.conf file:
ServerRoot /etc/apache2
User www-data
Group www-data
Listen 88
PidFile /var/run/apache2.pid
ErrorLog /var/log/apache2/error.log
TypesConfig /etc/mime.types
ServerName bumby
LoadModule cgi_module /usr/lib/apache2/modules/mod_cgi.so
# Restrictive by default
<Directory />
Options None
AllowOverride None
Deny from all
</Directory>
DocumentRoot /var/lib/projects
<Directory /var/lib/projects>
# Uncomment below and error does not show up
#Allow from all
<files env.cgi>
SetHandler cgi-script
Options +ExecCGI
</files>
</Directory>
<Directory /var/lib/projects/foo>
Allow from all
</Directory>
--
Bill Moseley
moseley@xxxxxxxx
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|