martin 98/05/06 13:57:01
Modified: src CHANGES
Log:
Add forgotten log about BS2000 security fix
Revision Changes Path
1.827 +4 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.826
retrieving revision 1.827
diff -u -u -r1.826 -r1.827
--- CHANGES 1998/05/06 15:17:58 1.826
+++ CHANGES 1998/05/06 20:56:59 1.827
@@ -50,6 +50,10 @@
when ensuring 'x' is at least 30-chars big. [Jim Jagielski,
Brian Behlendorf]
+ *) [BS2000 security] BS2000 needs an extra authentication to initialize
+ the task environment to the unprivileged User id. Otherwise CGI scripts
+ would have a way to gain super user access. [Martin Kraemer]
+
*) Fix debug log messages for BS2000/OSD: instead of logging the whole
absolute path, only log base name of logging source as is done
in unix. [Martin Kraemer]
Modified: src CHANGES
Log:
Add forgotten log about BS2000 security fix
Revision Changes Path
1.827 +4 -0 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /export/home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.826
retrieving revision 1.827
diff -u -u -r1.826 -r1.827
--- CHANGES 1998/05/06 15:17:58 1.826
+++ CHANGES 1998/05/06 20:56:59 1.827
@@ -50,6 +50,10 @@
when ensuring 'x' is at least 30-chars big. [Jim Jagielski,
Brian Behlendorf]
+ *) [BS2000 security] BS2000 needs an extra authentication to initialize
+ the task environment to the unprivileged User id. Otherwise CGI scripts
+ would have a way to gain super user access. [Martin Kraemer]
+
*) Fix debug log messages for BS2000/OSD: instead of logging the whole
absolute path, only log base name of logging source as is done
in unix. [Martin Kraemer]