>No. He's saying that it leaks information that doesn't need to be leaked. That is fair enough as regards not leaking information to the client, but there is no excuse for not providing sufficient diagnostics to the server log so that at least the SysAdmin can help the guy. There is no information leak problem there - indeed it may help diagnose attacks as well. -- Cheers, Rick Parsons EDS - UKIMEA - Data Centre - Midrange Unix address: c/o Rolls Royce plc, GP1-2, PO Box 3, Filton, Bristol, BS34 7QE, UK email: mailto:rick.parsons@xxxxxxx telephone: +(44) 117 979 7883 fax: +(44) 117 979 7353 mobile: +(44) 7790 493162 If you have received this email in error, please advise me by reply and delete it. Electronic Data Systems Ltd Registered Office:, Lansdowne House, Berkeley Square, London W1J 6ER Registered in England no: 53419 VAT number: 432 99 5915 web: http://www.eds.com/
