[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-developers] Re: CGI Wrap Errors

Subject: RE: [cobalt-developers] Re: CGI Wrap Errors
From: "John Parris" <jparris@xxxxxxxxxxxxxx>
Date: Tue May 23 17:59:14 2000

I just tried that and it doesn't work. Each site has it's own group, and
each user for that site goes into the corresponding group. I get an error
even when I ftp in on that site.

btw, it also appears that the directory permissions, by default, are set to
2775. Which to me, seems worse... ?

-----Original Message-----
From: cobalt-developers-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-developers-admin@xxxxxxxxxxxxxxx]On Behalf Of
corliss@xxxxxxxxxxxxxxx
Sent: Tuesday, May 23, 2000 8:32 PM
To: cobalt-developers@xxxxxxxxxxxxxxx
Subject: RE: [cobalt-developers] Re: CGI Wrap Errors

On Tue, 23 May 2000, John Parris wrote:

> Since we're all ranting on security issues, I have a question/issue.
>
> The way home directory security is configured by default on the RAQ2 is a
> serious joke. Anyone that has telnet access can see files in just about
any
> other web directory located in /home/sites/. I read on this list that
> changing the default security permissions on the directories disables
quota
> management. It also can cause problems with getting a bash prompt on
telnet.
>
> Now, I know for a fact I've already had one user nosing around in other
web
> site directories. My question is, is there a way to change all these
> permissions, and make it a default setting for new sites, where other
users
> with telnet cannot go snooping around reading other users' files?

Now, I don't use the Cobalts for hosting (don't trust them that much ;-),
but
if they're set up anything like the Qube I have next to my desk, then it's
easy.  Looks like they set the directory permissions to 0755, which *is*
sloppy and ludicrous.  If all of your users are in the same group (users),
then change the permissions to 0701.  That will disallow users from
prowling,
while still letting the web server to access the internal directories to
serve
pages.

This shouldn't intefere with shell access or quotas.

	--Arthur Corliss
	  Programmer/Administrator
	  Gallant Technologies (http://www.gallanttech.com/)

_______________________________________________
cobalt-developers mailing list
cobalt-developers@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-developers

Follow-Ups:
- Re: [cobalt-developers] Re: CGI Wrap Errors
  - From: Will DeHaan
- RE: [cobalt-developers] Re: CGI Wrap Errors
  - From: corliss

References:
- RE: [cobalt-developers] Re: CGI Wrap Errors
  - From: corliss

Prev by Date: RE: [cobalt-developers] Re: CGI Wrap Errors
Next by Date: Re: [cobalt-developers] recovering deleted files (HELP)
Previous by thread: RE: [cobalt-developers] Re: CGI Wrap Errors
Next by thread: Re: [cobalt-developers] Re: CGI Wrap Errors

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index