bozohttpd show index of /homt/user if there is no public_html there
Binary package hint: bozohttpd
Description: Ubuntu 10.04 LTS
*** 20090522-2 0
Bozohttpd is started from inetd with a configuration line in /etc/inetd.conf like this:
www stream tcp nowait root /usr/sbin/tcpd /usr/sbin/bozohttpd /var/www -X -H -S foobar -c /usr/lib/cgi-bin -U www-data -u
There is a ~user1/public_html and there are other users on the system but without a public_html
Access to this item has been denied", as expected
3) Go to "http://
I don't get the error above, but just the directory index of ~user2 (/home/user2).
If I reload the page I get the result of 2) and 3) swapping around. 3) Shouldn't happen, as there is no public_html there. And anyone can:
a) Probe for user names in the system (dir is there or not)
b) Look at least the name of the files of some user.
This bug, doesn't seem to be fixed (or even known) in the last upstream version (20100512)
|Changed in bozohttpd (Ubuntu):|
|status:||New → Confirmed|