[pkg-lighttpd] Bug#419176: lighttpd: Module loading order is
important, ensure auth is loaded before fastcgi and status
Olaf van der Spek
OlafvdSpek at GMail.Com
Sat Apr 14 07:36:45 UTC 2007
Package: lighttpd
Version: 1.4.13-10
Severity: normal
Hi,
Module loading order is important. If you load status before auth and use auth for status, auth is ignored and users can access status without
authentication.
The same probably applies to fastcgi as well, so you should ensure modules are loaded in the proper order. Maybe auth should be loaded in
lighttpd.conf at the top.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.18-4-686 (SMP w/2 CPU cores)
Locale: LANG=en_US.ISO-8859-15, LC_CTYPE=en_US.ISO-8859-15 (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages lighttpd depends on:
ii libattr1 1:2.4.32-1.1 Extended attribute shared library
ii libbz2-1.0 1.0.3-6 high-quality block-sorting file co
ii libc6 2.3.6.ds1-13 GNU C Library: Shared libraries
ii libldap2 2.1.30-13.4 OpenLDAP libraries
ii libpcre3 6.7-1 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8c-4 SSL shared libraries
ii lsb-base 3.1-23.1 Linux Standard Base 3.1 init scrip
ii mime-support 3.39-1 MIME files 'mime.types' & 'mailcap
ii perl 5.8.8-7 Larry Wall's Practical Extraction
ii zlib1g 1:1.2.3-13 compression library - runtime
Versions of packages lighttpd recommends:
ii php5-cgi 5.2.0-10 server-side, HTML-embedded scripti
-- no debconf information
More information about the pkg-lighttpd-maintainers
mailing list