next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects
Index of Subjects Hi David Yes. That is a legitimate and useful technique. How about a scan function that reviews and reports non index.html sub-directories to the editor-in-chief. The report could be used to advise sub-directory owners about possible security exposure. Alternatively, a scan of the logs could provide a similar report. The sub directory owner would then assume responsibility for including or excluding an index.htm file. The report would make them aware of the issue. Doug On Sun, 2 Jul 2000, David L. Potter wrote: > > > Hi Doug, > > Forcing this 'site wide' might negatively impact the design flexibility > of IP's who would like to allow this. > > An legitimate use of the 'directory listing' feature might be a site with > many files, if they use descriptive filename (and no index.html) they > don't have to edit an index page each time they add a file... > > In this case, site maintenance becomes much less work... > > > dlp > > > > On Sun, 2 Jul 2000 aa935@chebucto.ns.ca wrote: > > > Hi David > > > > I guess I've been spoiled in my day job. There .../ defaults to index.htm. If > > the file is not present, then a 'permission denied' error occurs. Could this > > be a default redirect at CCN? The policy seems to be wide-spread throughout > > the internet. > > > > Doug > > > > Quoting "David L. Potter" <potter@chebucto.ns.ca>: > > > > > > > > We currently have a number of directories that do not have an index.html > > > file... eg lists/ > > > > > > The result is anyone specifying this (type of) directory as a 'url' is > > > presented with a directory listing which may include files, other > > > directories, etc... in some instances this exposed files that are no longer > > > > > > current... > > > > > > --- > > > > > > A related policy/convention issues relates to the template element that > > > displays the 'location' of a document... e.g. > > > > > > Home >> lists >> ccn-webmaster > > > > > > In this example 'home' is a link, I have inserted 'lists' but this leads > > > back to the problem noted above, i.e. exposing files or directories that > > > may or may not contain 'secure' or outdated information... > > > > > > Has there been any discussion about what is appropriate for this > > > template element...? > > > > > > > > > david potter > > > > > > > > > > > > --------------------------------------------------------------- > > This mail was sent through the Nova Scotia Provincial Server, > > with technical resources provided by Chebucto Community Net. > > http://nsaccess.ns.ca/mail/ http://www.chebucto.ns.ca/ > > >
next message in archive
next message in thread
previous message in archive
previous message in thread
Index of Subjects