[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] Re: CGI Wrap Errors

Subject: RE: [cobalt-developers] Re: CGI Wrap Errors
From: "John Parris" <jparris@xxxxxxxxxxxxxx>
Date: Tue May 23 17:17:06 2000

Since we're all ranting on security issues, I have a question/issue.

The way home directory security is configured by default on the RAQ2 is a
serious joke. Anyone that has telnet access can see files in just about any
other web directory located in /home/sites/. I read on this list that
changing the default security permissions on the directories disables quota
management. It also can cause problems with getting a bash prompt on telnet.

Now, I know for a fact I've already had one user nosing around in other web
site directories. My question is, is there a way to change all these
permissions, and make it a default setting for new sites, where other users
with telnet cannot go snooping around reading other users' files?

Thanks
John Parris


-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of Jeff Lasman
Sent: Tuesday, May 23, 2000 7:56 PM
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-developers] Re: CGI Wrap Errors


Lennie Core wrote:

> Now, is it possible to just get rid of the Cgi Wrap stuff ?

cgi-wrap is easy to remove.  It's a change in /etc/httpd/conf/httpd.conf
as I recall; if not, then it's a change in one of the other apache
config files.

It IS a big security issue, though; if you're not going to use it, then
I'd certainly want to place a main "cgi-bin" where I put all the
server-wide cgi-files, and a "cgi-local" inside of each domain but
outide of (at the same directory level as) the web directory.

Are you sure you want to go through all that work?

I seem to remember it has to be done on a domain-by-domain basis.  I
don't know if it can be done in the .htaccess files or not; never tried.

I'm very busy today, but I'll look this up and post it if no one else
has done so by tomorrow.

Jeff
--
Jeff Lasman <jblists@xxxxxxxxxxxxx>
nobaloney.net
P. O. Box 52672
Riverside, CA  92517
voice: (909) 787-8589  *  fax: (909) 782-0205

_______________________________________________
cobalt-developers mailing list
cobalt-developers@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-developers

Follow-Ups:
- RE: [cobalt-developers] Re: CGI Wrap Errors
  - From: corliss
- Re: [cobalt-developers] Re: CGI Wrap Errors
  - From: Will DeHaan

References:
- Re: [cobalt-developers] Re: CGI Wrap Errors
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-developers] recovering deleted files (HELP)
Next by Date: RE: [cobalt-developers] Re: CGI Wrap Errors
Previous by thread: Re: [cobalt-developers] Re: CGI Wrap Errors
Next by thread: RE: [cobalt-developers] Re: CGI Wrap Errors

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index