Date: Sat, 23 Mar 2002 12:50:37 +1100
From: "Alastair D'Silva" <deece@newmillennium.net.au>
To: "'Dave'" <dave@hawk-systems.com>, <freebsd-isp@freebsd.org>
Subject: RE: Questions about Apache
Message-ID: <002901c1d20d$212cb370$3200a8c0@riker>
In-Reply-To: <DBEIKNMKGOBGNDHAAKGNCEKJNGAA.dave@hawk-systems.com>

> The recommendation being to have the keys readable only by
> root(chmod 600), then you can start apache via root, then
> direct apache via the conf file to run as user www (or
> whatever)... starting as root allows it to read the key
> (which is readable only by root), and apache runs all
> requests as the user specified in the conf file. Given your
> buffer overflow, they would logically inherit the permission
> of the web server (www, apache, nobody...) and not be able to
> view the directory or key files at all, nor any other files
> on the server if you are set up correctly, far better setup
> than having a file readable by the web server user.
>

By your same argument, if Apache is started as root (then changes to another user), and the script is only executable by root, then the said malicious user would not be able to execute the script. I'm not saying you *have* to do this, but it does introduce more complexity for the intruder to work around, which could give you the time you need to detect the intrusion.

--
Alastair D'Silva B. Sc. mob: 0413 485 733
Networking Consultant
New Millennium Networking http://www.newmillennium.net.au

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
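
The layout discussed in this message (key owned by root with mode 600, server dropping to an unprivileged user after start) can be checked by evaluating the Unix mode bits as the runtime user would meet them. The following is an added example, not part of the original message; the function names, the `owner_uid` parameter and the command-line arguments are assumptions made for illustration.

```python
import os
import stat

def class_bits(st, uid, gids):
    """Permission triplet (0-7) that applies to uid/gids for this inode."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7   # owner class
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7   # group class
    return st.st_mode & 7              # other class

def can_read_key(path, uid, gids):
    """Could a process running as uid/gids open `path` for reading?

    Needs search (x) on every ancestor directory and read (r) on the file.
    Mode bits only: ACLs, MAC policy and inherited descriptors are ignored.
    """
    if uid == 0:
        return True                    # root bypasses mode bits
    path = os.path.realpath(path)
    d = os.path.dirname(path)
    while True:
        if not class_bits(os.stat(d), uid, gids) & 1:
            return False               # cannot traverse this directory
        if d == os.path.dirname(d):
            break
        d = os.path.dirname(d)
    return bool(class_bits(os.stat(path), uid, gids) & 4)

def audit(key_path, server_uid, server_gids, owner_uid=0):
    """Findings for the root-only key layout described in the message."""
    st = os.stat(key_path)
    mode = stat.S_IMODE(st.st_mode)
    findings = []
    if st.st_uid != owner_uid:
        findings.append("key owner is uid %d, expected %d" % (st.st_uid, owner_uid))
    if mode & 0o077:
        findings.append("key mode %03o grants group/other access" % mode)
    if can_read_key(key_path, server_uid, server_gids):
        findings.append("runtime user can read the key after the privilege drop")
    return findings

if __name__ == "__main__":
    import sys
    # Hypothetical usage, all values supplied by the operator: KEYFILE UID GID
    for finding in audit(sys.argv[1], int(sys.argv[2]), {int(sys.argv[3])}):
        print("FINDING:", finding)
```

An empty result means the key is reachable only by its owner; the same check applies to a root-only script by testing the execute bit instead of the read bit.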