[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#715804: Debian policy for web apps still references /doc as accessible

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi,

Le 10/07/2013 19:06, Charles Plessy a écrit :

> I note that /doc was only to be served locally.  How did that cause security
> issues ?

  - if some front-end server on the same host forwards connections to
    an apache2 backend server on the localhost address, or
  - if the machine running apache2 is also used for web browsing.

	http://www.debian.org/security/2012/dsa-2452

Regards

David


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJR3icXAAoJEAWMHPlE9r08QQIH/A8GdNzMY26C/9JdQdsKypS3
iBpev84uO3tietmuC3b8PldApyeVaDEnlCVUxr2Lf+ZfRCxHWwQyvWPkqzsYUqMf
z5dXO7m47tMaCUsTPll4yOraMQ4StlZO7KdrNxMQrPuPvHdn7B9KdvI8+0C/7yvH
oheDCSBD3pS3CBq3m4uETu6JEuVfAXPcXw18DvM2lMo8O9xThJs2rDNSUa5i2ifW
RrMpHZHa6Cbpt7LpCsAp/0/GPQerVV4hLYvM7p7xBokdAnJ536fmoQ8nuOyo3Fn7
Z5YTjriuFBMnNIlmGeFhLi/wGrp2FsrpH+ADq5V95bOLKOzzh/FiIupg4w3IlQA=
=m3Al
-----END PGP SIGNATURE-----
Reply to: