Warn about potential of program to unplannedly reveal the content

of various CGI files. PR: ports/25272 Submitted by: Ariff Abdullah <skywizard@time.net.my> Approved by: clement (mentor)
author: Sam Lawrance <lawrance@FreeBSD.org> 2005-04-17 14:53:20 +0000
committer: Sam Lawrance <lawrance@FreeBSD.org> 2005-04-17 14:53:20 +0000
commit: 63808043a0eef3c5ba3dc28829bf3f74f2cb87a9 (patch)
tree: c19e14a43eecd4d785e172c729afd12dc77c1423 /lang/eperl
parent: - Update to 4.1.7 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/lang/eperl/pkg-message b/lang/eperl/pkg-message
index 6b30697c33d4..070a9299878d 100644
--- a/lang/eperl/pkg-message
+++ b/lang/eperl/pkg-message
@@ -10,3 +10,12 @@ This program is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 FITNESS FOR A PARTICULAR PURPOSE.  See either the Artistic License or the
 GNU General Public License for more details.
+
+*** WARNING ***
+
+Using eperl in CGI or NHP-CGI mode with a webserver will expose any files
+having extension .html, .phtml, .ephtml, .epl, .pl, or .cgi under the
+document root.
+
+Any files matching those extensions that do not contain eperl script
+may be served to a client verbatim on request.
author	Sam Lawrance <lawrance@FreeBSD.org>	2005-04-17 14:53:20 +0000
committer	Sam Lawrance <lawrance@FreeBSD.org>	2005-04-17 14:53:20 +0000
commit	63808043a0eef3c5ba3dc28829bf3f74f2cb87a9 (patch)
tree	c19e14a43eecd4d785e172c729afd12dc77c1423 /lang/eperl
parent	- Update to 4.1.7 (diff)