On Mon, 4 Sep 1995, Daniel S. Riley wrote: > >> Try adding this to "access.conf" on apache 0.8.11 or ncsa 1.4 (not sure > >> about how CERN handles this). "SymLinksIfOwnerMatch" is only vaguely > >> documented. > > SymLinksIfOwnerMatch, at least in NCSA httpd 1.4 through 1.5b3, is > also broken. Here's the bug report I submitted to the ncsa-httpd > team: I was just fooling around and was shocked to find that SymLinksIfOwnerMatch is totally broken in the version of Apache I've been using. I created a symlink from a public_htm dir to / and was able to see /. I downloaded/compiled the latest apache and did some testing of SymLinksIfOwnerMatch with various versions of httpd I had handy and found the following: NCSA 1.3 works, even on double symlinks Apache 0.6.2 works on symlinks, broken for double symlinks Apache 0.8.8 broken for symlinks and double symlinks Apache 0.8.11 works, even on double symlinks By "works", I mean it gave a Forbidden message when the symlink was tried...by "broken", I mean symlinks were followed when they should not have been. ------------------------------------------------------------------ Jon Lewis | Mime attachments are OK jlewis@inorganic5.chem.ufl.edu | But please ask before sending http://inorganic5.chem.ufl.edu | unsolicited huge files. | _____Finger jlewis@inorganic5.chem.ufl.edu for PGP public key_____