PR#40950: add security note to docs (submitted Thijs Kinkhorst)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@487904 13f79535-47bb-0310-9956-ffa450edef68
2025-05-28 13:41:30 +03:00 · 2006-12-16 21:59:13 +00:00 · 2006-12-16 21:59:13 +00:00 · c4d7a79c95
commit c4d7a79c95
parent 5861f12a4c
2 changed files with 8 additions and 0 deletions
--- a/docs/manual/programs/htdigest.xml
+++ b/docs/manual/programs/htdigest.xml
@ -66,4 +66,9 @@
    </dl>
 </section>

+<section id="security"><title>Security Considerations</title>
+    <p>This program is not safe as a setuid executable. Do <em>not</em> make it
+    setuid.</p>
+</section>
+
 </manualpage>
--- a/docs/manual/programs/htpasswd.xml
+++ b/docs/manual/programs/htpasswd.xml
@ -188,6 +188,9 @@ distribution.</seealso>
    <em>not</em> be within the Web server's URI space -- that is, they should
    not be fetchable with a browser.</p>

+    <p>This program is not safe as a setuid executable. Do <em>not</em> make it
+    setuid.</p>
+
    <p>The use of the <code>-b</code> option is discouraged, since when it is
    used the unencrypted password appears on the command line.</p>