Re: Simple web server with Apache: web page permissions ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Brian Mathis wrote:

> You are being disingenuous here by selectively editing out the
> relevant quoted text from the same message above, which I will add
> back in as a quote here:
Disingenuous? Seems to me that it is a question of truth for you.

Once again. 'apache:apache' is a risk, but it is not wrong. And
sometimes it is also needed, since webdave, for example, doesn't work
without it. That was what I have tried to work out.

>         > Filipe Brandenburger wrote:
>         > The only files you want writable by Apache are the ones that
>         > a web application needs to write, like session files in PHP
>         > or config file controlled by a web admin interface.
> 
> 
>> By the way, if someone breaks into your server through Apache,
>> apache:apache is your lowest problem, that's my opinion.
>>
>> regards
>> Olaf
> 
> This statement is quite silly.  The type of configuration above could
Thank you, it is my greeting. You are silly too.

> be the vector by which the server is compromised, so it is not at all
> the lowest problem.  In that case it WOULD *BE* the problem.
Don't know why you are screaming here, maybe it is your personality.


regards
Olaf

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux