Re: How to start Apache automatically with certificate?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Aug 28, 2008 at 05:42:59PM -0400, Eric Covener wrote:
...
> root-owned private key sure sounds wiser to me.
...


Tell me three good reasons why.  Bad ones don't count.

There is nothing special about a file that is owned by root vs. another
UID.  There is a PROBLEM, that you must be root to do anything with that
file.

If 'httpd' is run as user "apache", as it should be on any
well-regulated system, then a file that is readable only by root will
not be usable by it.  It will be USELESS.


> There are lots of files you don't want to be owned, or modifiable, by
> non-root users.  This is a good thing.


By non-root USERS, yes, absolutely.  Who said anything about users?  I'm
talking about a SYSTEM account.

Again, there is ABSOLUTELY NOTHING SPECIAL about a file that is owned by
root, except that to do anything with it, you have to have super-user
powers, which YOU SHOULD NEVER DO!  They are DANGEROUS.


-- 
/*********************************************************************\
**
** Joe Yao				jsdy@xxxxxxx - Joseph S. D. Yao
**
\*********************************************************************/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux