From 10088ce4933d133eff46e9a3ecbc0700de9c3200 Mon Sep 17 00:00:00 2001
From: Cliff Woolley <jwoolley@apache.org>
Date: Mon, 5 Aug 2002 20:11:32 +0000
Subject: [PATCH] Extra extra warnings.

Submitted by: Zeno <zeno@cgisecurity.net>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96311 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_info.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/docs/manual/mod/mod_info.xml b/docs/manual/mod/mod_info.xml
index 0f5f6475c6..16e2f7e86c 100644
--- a/docs/manual/mod/mod_info.xml
+++ b/docs/manual/mod/mod_info.xml
@@ -48,6 +48,14 @@ SetHandler server-info<br />
       files, including <em>per</em>-directory files (<em>e.g.</em>,
       <code>.htaccess</code>). This may have security-related
       ramifications for your site.</p>
+
+      <p>In particular, this module can leak sensitive information
+      from the configuration directives of other Apache modules such as
+      system paths, usernames/passwords, database names, etc.  Due to
+      the way this module works there is no way to block information
+      from it.  Therefore, this module should ONLY be used in a controlled
+      environment and always with caution.</p>
+
     </note>
 </summary>
 
-- 
2.40.0