Apache server permisssions
Boulytchev, Vasiliy
vboulytchev at coinfotech.com
Thu Mar 4 11:00:19 UTC 2004
James, The best book regarding Apache Security, I have found that was easy
to follow, is Apache Security published by Wrox..... Mobily, Shrma,
Weinstein, Wilcox.... I saw it on amazon last year
Vasiliy Boulytchev
Colorado Information Technologies, Inc.
http://www.coinfotech.com
-----Original Message-----
From: redhat-list-admin at redhat.com [mailto:redhat-list-admin at redhat.com] On
Behalf Of James Marcinek
Sent: Thursday, March 04, 2004 6:41 AM
To: redhat-list at redhat.com
Subject: Re: Apache server permisssions
How hard is it to set up a chrooted server. I mean I know about the concept
but have never implemented a jail before...
Thanks,
James
> --- "Boulytchev, Vasiliy"
> <vboulytchev at coinfotech.com> escribió: >
>> Ladies and Gents,
>> Imagine the following scenario. I have Apache 2.blah running as
>> nobody.nobody (httpd.conf). Now I have 2 virtual hosts, sarah and
>> john.
>> The users and groups are sarah.sarah and john.john.
>>
>> My first question, is why can apache serve a file, whose permissions
>> are root.root?
>
> These are their permisions: -rw-r--r--
>
>
>> Second, is it safe to have a server setup like the above, without
>> jailing?
>
> Always it's more safetly using chroot but it's not always necesary,
> you're giving acces only to two users.
>
> It's my opinion...
>
> Regards...
>
>>
>> Vasiliy Boulytchev
>> Colorado Information Technologies, Inc.
>> http://www.coinfotech.com
>>
>
>> ATTACHMENT part 2 application/x-pkcs7-signature
> name=smime.p7s
>
>
> =====
> --
>
> Manuel Aróstegui Linux user 200896
>
> ___________________________________________________
> Yahoo! Messenger - Nueva versión GRATIS Super Webcam, voz, caritas
> animadas, y más...
> http://messenger.yahoo.es
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4355 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/redhat-list/attachments/20040304/c1d2385f/attachment.bin>
More information about the redhat-list
mailing list