Albert, what version of Webware are you using?
I was able to reproduce this problem with the mainline CVS, but my
Branch-0_5_1 workspace gives a 404 like it should.
At 01:50 PM 3/21/2001 +0100, Albert Brandl wrote:
>I've just discovered, that the mechanism for presenting
>files via WebKit.cgi allows to have a look at backup
>If a developer uses an editor which writes backup files
>(like MyPage.py~), attackers can guess at the filename and
>study the contents of MyPage.py~ by simply pointing their
>While MyPage.py~ is not the current version, it might
>still reveal valuable information about the structure
>of the system and possible ways for intruding it.
>This should be prevented by filtering out pages with
>Webware-discuss mailing list