 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Hunter Heinlen wrote: > Unfortunately, this produces syntax errors (Invalid command > 'RewriteRule'). I am effectively required to use mod_alias. I could > try to convince people in management here that mod_rewrite is not such a > horrible security risk, but if I don't have to, even better. I am by no means a security expert, but providing that you don't use variables in a strange sort of way that risks breaking it, or allow anyone to use the rewrite rules, I am unaware of any major security holes. I in fact, did a quick Google of it, which seems to suggest that there really aren't any inherent security risks to mod_rewrite short of a bug in a version of it for Apache 1.3. I shouldn't think it would be an issue provided the version was up to date, and you used common sense implementing it. Please correct me if I've missed something. Thanks, Grant M. -- Grant Mongardi Senior Systems Engineer NAPC gmongardi at napc.com http://www.napc.com/ 781.894.3114 phone 781.894.3997 fax NAPC | technology matters -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
