From: Shane Hathaway <shane@digicool.com> To: Júlio Dinis Silva <juliodinis@hotmail.com> Subject: Re: [Zope] webdav security Date: Wed, 27 Sep 2000 14:10:07 -0400
"Júlio Dinis Silva" wrote:
Hello all!
Lets say that anyone can do ">cadaver www.myhost.com" and after that a
">ls"
listing my content. I know the user will see the objects processed, but just the fact that he can see my structure is bad for security.
How do I disable the webdav access, if possible?
Disallow "Access contents information" for anonymous.
Shane
Hi Shane, your solution is too much radical for a complex site already in production. Is there a way, maybe on ZServer to just not import the webdav support? thanks, Júlio Dinis Silva _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.