Update of /cvsroot/mhonarc/mharc/etc
In directory subversions:/tmp/cvs-serv16886/etc
Modified Files:
.htaccess.in.dist apache.conf.in.dist
Log Message:
* Added access denial to working/temporary ".newmail" file used by
filter-spool.
* apache.conf directives adjusted to separate cgi-bin into its own
Directory directive to provide better granularity of access.
Index: .htaccess.in.dist
===================================================================
RCS file: /cvsroot/mhonarc/mharc/etc/.htaccess.in.dist,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -r1.2 -r1.3
*** .htaccess.in.dist 23 Jul 2002 04:00:22 -0000 1.2
--- .htaccess.in.dist 15 Sep 2002 03:43:29 -0000 1.3
***************
*** 31,32 ****
--- 31,38 ----
Deny from all
</Files>
+
+ # Deny access to temporary incoming mail file used by filter-spool
+ <Files ~ ".newmail$">
+ Order allow,deny
+ Deny from all
+ </Files>
Index: apache.conf.in.dist
===================================================================
RCS file: /cvsroot/mhonarc/mharc/etc/apache.conf.in.dist,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -r1.5 -r1.6
*** apache.conf.in.dist 31 Jul 2002 04:53:21 -0000 1.5
--- apache.conf.in.dist 15 Sep 2002 03:43:29 -0000 1.6
***************
*** 9,18 ****
## YOU MAY HAVE.
############################################################################
<Directory @@SW_ROOT@@>
AllowOverride All
! # ExecCGI could be a security risk if you configure mhonarc to use
! # attachment filenames or filename extensions.
! Options +ExecCGI MultiViews Indexes FollowSymLinks Includes
IndexOptions FancyIndexing NameWidth=* SuppressSize SuppressLastModified
--- 9,17 ----
## YOU MAY HAVE.
############################################################################
+
<Directory @@SW_ROOT@@>
AllowOverride All
! Options MultiViews Indexes FollowSymLinks
IndexOptions FancyIndexing NameWidth=* SuppressSize SuppressLastModified
***************
*** 34,37 ****
--- 33,42 ----
</Files>
+ # Deny access to temporary incoming mail file used by filter-spool
+ <Files ~ ".newmail$">
+ Order allow,deny
+ Deny from all
+ </Files>
+
# Limit the types of HTTP methods allowed
<Limit GET POST OPTIONS PROPFIND>
***************
*** 45,48 ****
--- 50,62 ----
</Directory>
+ # Enable CGI execution for cgi-bin directory
+ <Directory @@SW_ROOT@@/cgi-bin>
+ Options +ExecCGI
+ <IfModule mod_mime.c>
+ AddHandler cgi-script .cgi
+ </IfModule>
+ </Directory>
+
+ # Browsing access to raw mail archives
<Directory @@MBOX_DIR@@/*/>
AllowOverride All
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHONARC-DEV