RE: [users@httpd] Hacked the website replace the index.hm page

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That's the key right there.  You probably need to think of multiple
approaches to securing the files (suexec, cgiwrappers, php level tweaks,
etc).  

This is the one place where *nix and apache fall a hair short.  What
would be nice would be the ability to assign user level settings to each
virtual host.  That way you can run it under the user and they can only
modify their own file.  So if they don't upgrade things like phpbb it
affects them only and not the entire client base of that server.

I know there is an alpha stage project out there for 2.0.x that does
just this but I would have been nice to have this as part of the design
implementation.

Gary


> 
> I would not tend to think very much of open_basedir by itself, but the
> other options you mention sound like they are worthwhile. Thanks for
the
> info, I was curious and you filled in some blanks.
> 
> Eric

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux