Re: Apache permissions stabs new Linux user in face with icepick. Suggestions?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 16-03-09 09:47 PM, Kurtis Rader wrote:
On Wed, Mar 9, 2016 at 6:38 PM, Francis Roy <lists@xxxxxxxxxxxxxxxxxxxx
<mailto:lists@xxxxxxxxxxxxxxxxxxxx>> wrote:

    Thank you that answers my question quite nicely. It's not a giant
    flag waving at the internet, but if someone got a hold of my machine
    directly, it could provide a small bit of information used in a
    general strategy.


Just to be pedantic "they" don't have to get a hold of your machine
directly. If the attacker can install software of their choosing, say by
exploiting a vulnerability in your web server, then that software could
exploit the looser permissions on your home directory. But that is moot
given that you already had to grant the web server access to your home
directory in order to support your requirements. The concern now is
whether user accounts on your machine other than the one running the
apache web server can exploit those looser permissions.

It's my personal, sole-user development machine tucked away behind a NAT. I just wanted to be sure that I wasn't doing the equivalent of opening up common ports.

By the way, can you recommend a good, practical Linux security forum or list? New OS means I have to learn new specifics and tricks.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux