[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]
Re: apache security question

From: "Santosh Pasi" <spasi diskonnet com>
To: <redhat-install-list redhat com>
Subject: Re: apache security question
Date: Thu, 27 Jun 2002 23:34:32 +0530
Hi Patrick K. Tao,

Changing owner to "apache" is insure that no file is own by root and is own by 
normal user "apache", so that if there are any executable "script" (ScriptAlias), 
then that should run as "apache" and not root, hence reducing SUID risk and 
other problem.

Changing group permission to read allow to just read file.

Regards,
Santosh Pasi


---------------Original Message------------------
From: "Patrick K. Tao" <p tao miami edu>
>Subject: apache security question
>In-Reply-To: <Pine.OSF.4.31.0206111735080.13196-
100000 jaguar ir miami edu>
>To: redhat-install-list redhat com
>Sender: redhat-install-list-admin redhat com
>Errors-To: redhat-install-list-admin redhat com
>Precedence: bulk
>Reply-To: redhat-install-list redhat com
>List-Help: <mailto:redhat-install-list-request redhat com?subject=help>
>List-Post: <mailto:redhat-install-list redhat com>
>List-Subscribe: <https://listman.redhat.com/mailman/listinfo/redhat-install-list>, 
<mailto:redhat-install-list-request redhat com?subject=subscribe>
>List-Id: Getting started with Red Hat Linux <redhat-install-list.redhat.com>
>List-Unsubscribe: <https://listman.redhat.com/mailman/listinfo/redhat-install-
list>, <mailto:redhat-install-list-request redhat com?subject=unsubscribe>
>List-Archive: <https://listman.redhat.com/mailman/private/redhat-install-list/>
>Date: Thu, 27 Jun 2002 12:49:32 -0400 (EDT)
>
>Dear Redhat Users,
>
>I am using Redhat 7.2 and have a question about a security issue related
>to apache.  In a book titled "Linux Security" (author, Ramon J. Hontanon)
>under the chapter HTTP services it talks about ways to make your apache
>server more secure.  Two suggestions the author makes related to apache
>is:
>
>chown -Rh apache:apache /var/www
>chmod go-r /var/www
>
>My question is how does changing the ownership and group of /var/www from
>root to apache help make apache more secure?
>
>
>Very appreciative,
>Patrick
>
>
>
>_______________________________________________
>Redhat-install-list mailing list
>Redhat-install-list redhat com
>https://listman.redhat.com/mailman/listinfo/redhat-install-list
>



-------------------------------------------------------------------------------------------------------------
 The  information   contained   in  this  Internet  message  is 
 confidential and intended only for the use of the individual
 or entity identified.  If  the reader of this message is not the 
 intended   recipient,   any   dissemination,    distribution  or 
 copying   of   the  information  contained  in  this   Internet
 message is strictly prohibited. 
 If you received this message in error, please notify the 
 sender immediately.
------------------------------------------------------------------------------------------------------------
        +============================================+ 
       /   Santosh Kumar Pasi       |  icq: 16074433                     / 
     /     RHCE               India      |  http://santoshpasi.tripod.com     /  
   +=========================================== +
------------------------------------------------------------------------------------------------------------
Public Key:  http://www.keyserver.net:11371/pks/lookup?op=get&search=0x5BF764B5 
------------------------------------------------------------------------------------------------------------
One machine can do the work of fifty ordinary men. 
No machine can do the work of one extraordinary man. 
-Elbert Hubbard
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]