open HTACCESS, '>', '.htaccess';
print HTACCESS <<'END';
# don't allow people to retrieve non-cgi executable files or our private data
-<FilesMatch ^(.*\.pl|.*localconfig.*|runtests.sh)$>
+<FilesMatch ^(.*\.pl|.*localconfig.*)$>
deny from all
</FilesMatch>
<FilesMatch ^(localconfig.js|localconfig.rdf)$>
# These are the files which need to be marked executable
my @executable_files = ('whineatnews.pl', 'collectstats.pl',
- 'checksetup.pl', 'importxml.pl', 'runtests.sh', 'testserver.pl',
+ 'checksetup.pl', 'importxml.pl', 'runtests.pl', 'testserver.pl',
'whine.pl');
# tell me if a file is executable. All CGI files and those in @executable_files
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
-<!-- $Id: installation.xml,v 1.94 2005/06/29 21:22:09 mozilla%colinogilvie.co.uk Exp $ -->
+<!-- $Id: installation.xml,v 1.95 2005/06/29 23:43:33 zach%zachlipton.com Exp $ -->
<chapter id="installing-bugzilla">
<title>Installing Bugzilla</title>
ns_register_filter preauth GET /bugzilla/\#localconfig\# filter_deny
ns_register_filter preauth GET /bugzilla/*.pl filter_deny
ns_register_filter preauth GET /bugzilla/syncshadowdb filter_deny
- ns_register_filter preauth GET /bugzilla/runtests.sh filter_deny
ns_register_filter preauth GET /bugzilla/data/* filter_deny
ns_register_filter preauth GET /bugzilla/template/* filter_deny
<!-- <!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.1.2//EN"> -->
-<!-- $Id: security.xml,v 1.5 2005/06/07 19:40:25 jocuri%softhome.net Exp $ -->
+<!-- $Id: security.xml,v 1.6 2005/06/29 23:43:33 zach%zachlipton.com Exp $ -->
<chapter id="security">
<title>Bugzilla Security</title>
<simplelist type="inline">
<member><filename>*.pl</filename></member>
<member><filename>*localconfig*</filename></member>
- <member><filename>runtests.sh</filename></member>
</simplelist>
</para>
</listitem>
projects / thirdparty / bugzilla.git / commitdiff
