SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 for Drupal 4 affecting in Drupal 7

After uploading images or logo to Drupal 7.22 site, Drupal seems to be creating .htaccess in sites/default/files with text: SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 Options None Options +FollowSymLinks

That advisory is found here: http://drupal.org/node/65409

Not sure but I think it may be due to the FollowSymLinks that may need to be replaced by Options +SymLinksifOwnerMatch as it is in .htaccess in public_html.

Instead of deleting the .htaccess I currently have replaced the content with the Options None & Options +SymLinksifOwnerMatch. is the okay?

Status: 
Active

Comments

Howdy -- yes, changing that option to use SymLinksifOwnerMatch is the correct way to solve that, there's no problem in making that change.