[IrPr]

Hi there

Today i found that "Follow Symbolic Link" set to "No" or "If Owner Match"
its not disabling Symlink as its expected to disable whole symlinks

For example the symlink2 linked to fakesymlink/../../../../../../../../../../../../../../..//home/user/public_html/ which fakesymlink is a regular directory, when i request symlink2 through litespeed it responses 403 no permission error

but when i request for http://woot/symlink2/file.ext it will response the /home/user/public_html/file.ext file with no error!

It seems if we create a symlink to a directory, then the files in that directory are reachable through the lsws

George, Please take a look in it and update to it me ASAP

Thanks