[mod_python] [Vampire] Possible security problem with loginhandler

Graham Dumpleton grahamd at dscpl.com.au
Wed Jun 8 04:18:32 EDT 2005


On 08/06/2005, at 6:02 PM, Stephane Bortzmeyer wrote:

> If I make a typo in the filename of the loginhandler directive of the
> Vampire configuration file, there is no warning and the access goes
> on. Isn't it a security weakness?

Agree that it is probably not good in that circumstance, should yield
an internal server error response at least and log something. Will have
to review what happens for other phases as well. In those cases you'll
probably end up with a not found error, but maybe something different
should be done there as well.

Thanks for pointing it out.

Graham
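
The failure mode discussed in this thread, as an added example that is not code from Vampire, mod_python, or either poster: a configured login handler that cannot be loaded is skipped silently (fail-open), next to a version that logs the problem and returns an internal server error (fail-closed). The function names, the `config` dictionary, and the dict-style request are all hypothetical.

```python
import importlib.util
import logging
import os
import tempfile

log = logging.getLogger("authgate")
HTTP_OK, HTTP_UNAUTHORIZED, HTTP_INTERNAL_SERVER_ERROR = 200, 401, 500

def load_handler(path, name="loginhandler"):
    """Load callable `name` from the Python file at `path`; raise on any problem."""
    spec = importlib.util.spec_from_file_location("_login_module", path)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)  # raises FileNotFoundError for a mistyped path
    handler = getattr(module, name, None)
    if not callable(handler):
        raise AttributeError(f"{path} defines no callable {name!r}")
    return handler

def authorize_fail_open(config, request):
    """Behaviour reported in the thread: an unloadable handler is skipped silently."""
    path = config.get("loginhandler")
    try:
        handler = load_handler(path) if path else None
    except Exception:
        handler = None  # a typo in the path lands here, and access goes on
    return handler(request) if handler else HTTP_OK

def authorize_fail_closed(config, request):
    """A configured but unloadable handler is an error: log it and return 500."""
    path = config.get("loginhandler")
    if not path:
        return HTTP_OK  # no login handler configured: resource is public
    try:
        handler = load_handler(path)
    except Exception as exc:
        log.error("loginhandler %r could not be loaded: %s", path, exc)
        return HTTP_INTERNAL_SERVER_ERROR
    return handler(request)

def demo():
    """Constructed sample: one valid handler file and one mistyped path."""
    with tempfile.TemporaryDirectory() as d:
        good, typo = os.path.join(d, "login.py"), os.path.join(d, "logni.py")
        with open(good, "w") as f:
            f.write("def loginhandler(req):\n    return 200 if req.get('user') else 401\n")
        return (authorize_fail_open({"loginhandler": typo}, {}),
                authorize_fail_closed({"loginhandler": typo}, {}),
                authorize_fail_closed({"loginhandler": good}, {}),
                authorize_fail_closed({"loginhandler": good}, {"user": "alice"}))
```

The key distinction is between "no handler configured" and "handler configured but missing": only the first may fall through to unauthenticated access.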


