[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-developers] Security issues with running files owned by httpd under a virtual site.

Subject: [cobalt-developers] Security issues with running files owned by httpd under a virtual site.
From: "KAMRY" <kamry1888@xxxxxxxxx>
Date: Sat Jun 23 09:04:06 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

Can some one comments on such a scenario as far as security goes:

I have a site (site2) and that site's DocumentRoot is "/web"
(/home/sites/site2/web) Then I cam and I created folders to be used.

Under (/home/sites/site2) I created two folders as follow:

drwx-wx---   2 site4_admin     httpd        1024 Jun 23 17:14 folder1
drwx------   2 httpd           site4        1024 Jun 23 19:51 folder2

Under (/home/sites/site2/web) I have:

dr-x------  12 httpd    httpd        1024 Jun 23 02:40 folder3


Thus, folder3 is browsable and set to rx just for httpd, now the issue is
that am I violating any Cobalt rules. In other words is it secure to do the
above or am i opening a security whole? Any trouble I might get into other
than the Quota for that virtual site (site2).

Any advice is highly appreciated,

KAL


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

Follow-Ups:
- Re: [cobalt-developers] Security issues with running files owned by httpd under a virtual site.
  - From: shimi

References:
- RE: [cobalt-developers] root access problem
  - From: KAMRY

Prev by Date: Re: [cobalt-developers] root access problem
Next by Date: Re: [cobalt-developers] root access problem
Previous by thread: RE: [cobalt-developers] root access problem
Next by thread: Re: [cobalt-developers] Security issues with running files owned by httpd under a virtual site.

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index