Date: Thu, 13 Jul 2006 11:05:09 -0400 (EDT) From: Jerry McAllister <jerrymc@clunix.cl.msu.edu> To: freebsd.ph@gmail.com (jan gestre) Cc: Liste FreeBSD <freebsd-questions@freebsd.org> Subject: Re: getting rid of apache passphrase Message-ID: <200607131505.k6DF591r017917@clunix.cl.msu.edu> In-Reply-To: <a25afc300607130706n54129229i53b9e5c62878d2e2@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > hello people, > > just want to ask if getting rid of the apache passphrase poses a security > threat, i don't want the company i worked for calling me up everytime they > cant access the webserver because the server is asking for the passphrase > everytime the box restarts du to power failure. Depends on how good your control of access to the server is. In my case for example, I control physical access to the machine. That could be, and has been a problem when I was away and power went out, to get things back up, so I got rid of the passphrase. Now, as long as the fsck-s clear at boot time, the server makes it all the way back up without intervention. But, if you have a lot of people running around, even if ignorant, then you might want to think again about eliminating it. It is less likely to be a concern for remote access, but could come up, especially if someone gets root to your server. Of course, then all bets are off anyway. ////jerry > > TIA > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200607131505.k6DF591r017917>