diff options
| author | Nick Kew <niq@apache.org> | 2006-12-16 22:59:13 +0100 |
|---|---|---|
| committer | Nick Kew <niq@apache.org> | 2006-12-16 22:59:13 +0100 |
| commit | c4d7a79c957089c968b7550f13cfae19d5f1cf96 (patch) | |
| tree | 041b8003c40a9d3ce4c686973d65c3b658e82c49 | |
| parent | PR#37680: fix socket block/nonblock on restart/graceful (diff) | |
| download | apache2-c4d7a79c957089c968b7550f13cfae19d5f1cf96.tar.xz apache2-c4d7a79c957089c968b7550f13cfae19d5f1cf96.zip | |
PR#40950: add security note to docs (submitted Thijs Kinkhorst)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@487904 13f79535-47bb-0310-9956-ffa450edef68
| -rw-r--r-- | docs/manual/programs/htdigest.xml | 5 | ||||
| -rw-r--r-- | docs/manual/programs/htpasswd.xml | 3 |
2 files changed, 8 insertions, 0 deletions
diff --git a/docs/manual/programs/htdigest.xml b/docs/manual/programs/htdigest.xml index e6bdf48422..fc9df711a6 100644 --- a/docs/manual/programs/htdigest.xml +++ b/docs/manual/programs/htdigest.xml @@ -66,4 +66,9 @@ </dl> </section> +<section id="security"><title>Security Considerations</title> + <p>This program is not safe as a setuid executable. Do <em>not</em> make it + setuid.</p> +</section> + </manualpage> diff --git a/docs/manual/programs/htpasswd.xml b/docs/manual/programs/htpasswd.xml index 0c6f61f2f4..6e613d0873 100644 --- a/docs/manual/programs/htpasswd.xml +++ b/docs/manual/programs/htpasswd.xml @@ -188,6 +188,9 @@ distribution.</seealso> <em>not</em> be within the Web server's URI space -- that is, they should not be fetchable with a browser.</p> + <p>This program is not safe as a setuid executable. Do <em>not</em> make it + setuid.</p> + <p>The use of the <code>-b</code> option is discouraged, since when it is used the unencrypted password appears on the command line.</p> |