Bug#246139: apache2-common: apache2.conf should include the "UserDir disabled root" directive
Package: apache2-common
Version: 2.0.49-1
Severity: normal
Tags: security
In the docs for the UserDir tag they explicitly state that root
should always have it's UserDir turned off, irrespective of other
users. See http://httpd.apache.org/docs-2.0/mod/mod_userdir.html#userdir
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (300, 'testing'), (150, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.3-1-686-smp
Locale: LANG=C, LC_CTYPE=C
Versions of packages apache2-common depends on:
ii debconf 1.4.22 Debian configuration management sy
ii debianutils 2.8.1 Miscellaneous utilities specific t
ii libapr0 2.0.49-1 The Apache Portable Runtime
ii libc6 2.3.2.ds1-11 GNU C Library: Shared libraries an
ii libdb4.2 4.2.52-16 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.6-8 XML parsing C library - runtime li
ii libldap2 2.1.29-2 OpenLDAP libraries
ii libmagic1 4.07-2 File type determination library us
ii libssl0.9.7 0.9.7d-1 SSL shared libraries
ii mime-support 3.26-1 MIME files 'mime.types' & 'mailcap
ii net-tools 1.60-9 The NET-3 networking toolkit
ii openssl 0.9.7d-1 Secure Socket Layer (SSL) binary a
ii ssl-cert 1.0-7 Simple debconf wrapper for openssl
ii zlib1g 1:1.2.1-5 compression library - runtime
-- no debconf information
Reply to: