Bug#715804: Debian policy for web apps still references /doc as accessible
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
Le 10/07/2013 19:06, Charles Plessy a écrit :
> I note that /doc was only to be served locally. How did that cause security
> issues ?
- if some front-end server on the same host forwards connections to
an apache2 backend server on the localhost address, or
- if the machine running apache2 is also used for web browsing.
http://www.debian.org/security/2012/dsa-2452
Regards
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJR3icXAAoJEAWMHPlE9r08QQIH/A8GdNzMY26C/9JdQdsKypS3
iBpev84uO3tietmuC3b8PldApyeVaDEnlCVUxr2Lf+ZfRCxHWwQyvWPkqzsYUqMf
z5dXO7m47tMaCUsTPll4yOraMQ4StlZO7KdrNxMQrPuPvHdn7B9KdvI8+0C/7yvH
oheDCSBD3pS3CBq3m4uETu6JEuVfAXPcXw18DvM2lMo8O9xThJs2rDNSUa5i2ifW
RrMpHZHa6Cbpt7LpCsAp/0/GPQerVV4hLYvM7p7xBokdAnJ536fmoQ8nuOyo3Fn7
Z5YTjriuFBMnNIlmGeFhLi/wGrp2FsrpH+ADq5V95bOLKOzzh/FiIupg4w3IlQA=
=m3Al
-----END PGP SIGNATURE-----
Reply to: