[Pkg-roundcube-maintainers] Bug#500202: cron job removes file shipped in package
Vincent Bernat
bernat at debian.org
Sat Sep 27 08:39:19 UTC 2008
tags 500202 + confirmed pending
thanks
OoO En cette matinée ensoleillée du vendredi 26 septembre 2008, vers
09:28, Michal Čihař <nijel at debian.org> disait :
>> The lighttpd config file contains:
>> $HTTP["url"] =~ "^/roundcube/config|/roundcube/temp|/roundcube/logs" {
>> url.access-deny = ( "" )
>> }
>>
>> Therefore, the directory should not be accessible. Maybe the file is not
>> clear enough about what to modify when changing roundcube location.
> I know that both apache and lighttpd files contain rules to limit
> access, thats why I did not consider it as a security issue :-).
>> In fact, .htaccess should not be shipped with roundcube.
> That's also a solution...
Hi Michal!
This has been corrected in the SVN. Thanks for noticing this.
--
# Okay, what on Earth is this one supposed to be used for?
2.4.0 linux/drivers/char/cp437.uni
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-roundcube-maintainers/attachments/20080927/0712e614/attachment.pgp
More information about the Pkg-roundcube-maintainers
mailing list