Received: (qmail 17365 invoked by uid 2012); 21 Oct 1997 06:43:45 -0000
Message-Id: <19971021064345.17364.qmail@hyperreal.org>
Date: 21 Oct 1997 06:43:45 -0000
From: Dean Gaudet <dgaudet@apache.org>
Reply-To: dgaudet@apache.org
To: apbugs@hyperreal.org
Subject: add allow,deny/deny,allow warning to mod_access
X-Send-Pr-Version: 3.2

>Number:         1287
>Category:       mod_access
>Synopsis:       add allow,deny/deny,allow warning to mod_access
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          suspended
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Mon Oct 20 23:50:00 PDT 1997
>Last-Modified:  Tue Oct 21 07:56:24 PDT 1997
>Originator:     dgaudet@apache.org
>Organization:
>Release:        1.3
>Environment:
n/a
>Description:
I can never remember how the order directive works.  It would be easy for
mod_access to warn when a config like this:

order allow,deny
deny from all
allow from a.b.c.d

was used.  It makes no sense -- it denies all access, despite what looks
like an attempt to allow some.  Similarly for:

order deny,allow
deny from a.b.c.d
allow from all

Which allows all access despite what looks like an attempt to allow
some.

>How-To-Repeat:

>Fix:

>Audit-Trail:
State-Changed-From-To: open-suspended
State-Changed-By: coar
State-Changed-When: Tue Oct 21 07:56:24 PDT 1997
State-Changed-Why:
Suspended for future consideration.
>Unformatted: