[mod_python] Configuring mod_python via reverse proxy

Roberto C. Sanchez roberto at familiasanchez.net
Wed Dec 14 21:29:07 EST 2005


Graham Dumpleton wrote:
> 
> Another non obvious problem which arises because of this arrangement is
> that if the second instance of Apache you are running has write access
> to the directories, it will dump Python .pyc files. If you are then only
> using AddHandler and not SetHandler, there will be nothing to stop
> someone specifying a URL which targets the .pyc files and they will be
> able to download them also and then decompile them, thus potentially
> getting access to sensitive information.
> 
> Good idea to have an excplicit rule:
> 
>   <Files *.pyc>
>   deny from all
>   </Files>
> 

I had not considered that.  However, I don't see any .pyc files anywhere
under ~/public_html/.

-Roberto

-- 
Roberto C. Sanchez
http://familiasanchez.net/~roberto
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://mm_cfg_has_not_been_edited_to_set_host_domains/pipermail/mod_python/attachments/20051214/77f4032f/signature.bin


More information about the Mod_python mailing list