From nobody@hyperreal.com Tue Oct 8 16:56:30 1996 Received: by taz.hyperreal.com (8.7.6/V2.0) id QAA16418; Tue, 8 Oct 1996 16:56:30 -0700 (PDT) Message-Id: <199610082356.QAA16418@taz.hyperreal.com> Date: Tue, 8 Oct 1996 16:56:30 -0700 (PDT) From: Roy Fielding Reply-To: fielding@ics.uci.edu To: apbugs@hyperreal.com Subject: mod_dir does not log reason when access FORBIDDEN X-Send-Pr-Version: 3.2 >Number: 16 >Category: mod_dir >Synopsis: mod_dir does not log reason when access FORBIDDEN >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Tue Oct 8 17:00:02 1996 >Last-Modified: Thu Jan 23 14:31:05 PST 1997 >Originator: fielding@ics.uci.edu >Organization: >Release: 1.2-dev >Environment: Solaris 2.5, gcc 2.7.2 >Description: mod_dir does not write anything to the error_log when a 403 response is returned due to the directory not being readable or the configuration not allowing Indexes. if(!(d=opendir(name))) return FORBIDDEN; and if (allow_opts & OPT_INDEXES) return index_directory (r, d); else return FORBIDDEN; are the culprits. >How-To-Repeat: chmod a web directory to non-readable by the web server, or set Options None in a .htaccess file, make a request on that directory's URL, and then look in the error_log. >Fix: Ummm, call log_reason with an error message before returning >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: fielding State-Changed-When: Thu Jan 23 14:31:05 PST 1997 State-Changed-Why: Fixed in 1.2b5-dev by Ken "the rodent of unusual size" >Unformatted: