[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#246139: apache2-common: apache2.conf should include the "UserDir disabled root" directive

Package: apache2-common
Version: 2.0.49-1
Severity: normal
Tags: security

In the docs for the UserDir tag they explicitly state that root
should always have it's UserDir turned off, irrespective of other
users. See http://httpd.apache.org/docs-2.0/mod/mod_userdir.html#userdir

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (300, 'testing'), (150, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.3-1-686-smp
Locale: LANG=C, LC_CTYPE=C

Versions of packages apache2-common depends on:
ii  debconf                     1.4.22       Debian configuration management sy
ii  debianutils                 2.8.1        Miscellaneous utilities specific t
ii  libapr0                     2.0.49-1     The Apache Portable Runtime
ii  libc6                       2.3.2.ds1-11 GNU C Library: Shared libraries an
ii  libdb4.2                    4.2.52-16    Berkeley v4.2 Database Libraries [
ii  libexpat1                   1.95.6-8     XML parsing C library - runtime li
ii  libldap2                    2.1.29-2     OpenLDAP libraries
ii  libmagic1                   4.07-2       File type determination library us
ii  libssl0.9.7                 0.9.7d-1     SSL shared libraries
ii  mime-support                3.26-1       MIME files 'mime.types' & 'mailcap
ii  net-tools                   1.60-9       The NET-3 networking toolkit
ii  openssl                     0.9.7d-1     Secure Socket Layer (SSL) binary a
ii  ssl-cert                    1.0-7        Simple debconf wrapper for openssl
ii  zlib1g                      1:1.2.1-5    compression library - runtime

-- no debconf information
Reply to: