disable symlink, possible?

Cliff Wells cliff at develix.com
Fri Jun 19 22:16:22 MSD 2009

On Fri, 2009-06-19 at 23:43 +0700, Edho P Arief wrote:
> On Fri, Jun 19, 2009 at 10:53 PM, Christopher Smith<cbsmith at xman.org> wrote:
> > It always strikes me as odd when people want this functionality (and
> Apache is proof that they do). It seems far easier to employ such
> restrictions at write/create time, or at least offline, rather than as
> part of the read.
> >
> what are you suggesting to prevent people from symlinking to root from
> their web folder?

Hit them with a clue-by-four?   I think history has adequately
demonstrated that there will never be a technological solution for human
stupidity.   As a side-effect, we've also learned that too many safety
features often lead to careless mistakes, since people start assuming
the software will protect them from themselves, when the reality is that
it can't.



More information about the nginx mailing list