Bug 50926

Summary: unexpected <Directory> file-matching behavior
Product: Apache httpd-2 Reporter: Eric Covener <covener>
Component: CoreAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: NEW ---    
Severity: normal    
Priority: P2    
Version: 2.5-HEAD   
Target Milestone: ---   
Hardware: PC   
OS: Linux   

Description Eric Covener 2011-03-14 08:15:47 UTC
DocumentRoot /tmp/var/www
...

<Directory /tmp/var/www/index.html>
Require all denied
</Directory>


(or more subtly, a glob like /tmp/var/www/*, /tmp/var/www/ind*, or even /tmp/var/www/ind*/)

This triggers a 403 for http://localhost/index.html  The equivalent with order/allow also behaves the same way in 2.2.x.  


Should the directory walk have been able to realize that the target was a file and the last segment can't be compared with directory sectons?

Maybe something to change before 2.4 GA?  Please change to docs@ if it's as designed.