- From: BearHeart / Bill Weinman <BearHeart@bearnet.com>
- Date: Sat, 30 Dec 1995 11:48:06 -0600
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
At 12:10 am 12/30/95 -0800, Roy T. Fielding wrote:
>> For the 'security considerations' portion of the 1.1 draft, with your
>> concurrence:
> On such a system, an HTTP server must disallow any such construct
> in the Request-URI if it would otherwise allow access to a resource
> outside those intended to be accessible via the HTTP server.
> Similarly, files intended for reference only internally to the server
> (such as access control files, configuration files, and script code)
> must be protected from inappropriate retrieval, since they might
> contain sensitive information.
I like the wording here "outside those intended to be accessible", as
that is more general than what I had suggested. I would also like to
see some suggestion that the sysadmin be able to specify what is and
is not "intended to be accessible".
Unix, in particlar, is flexible enough that a sysadmin may have
non-standard filenames for sensitive files. Some do this as an
added security precaution.
This language was in the paragraph that I had suggested earlier:
+ A server should
+ make a configuration option available to the system administrator to
+ ensure that this protection is made sufficiently flexible for
+ site-specific security considerations.
+----------------------------------------------------------------------+
* BearHeart / Bill Weinman
* BearHeart@bearnet.com * * http://www.bearnet.com/ *
* Author of The CGI Book: * http://www.bearnet.com/cgibook/ *
* "To enjoy life, take big bites. Moderation is for monks."
--Lazarus Long
Received on Saturday, 30 December 1995 09:52:04 UTC