[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] security hole

Subject: Re: [cobalt-users] security hole
From: Volker Kindermann <listen@xxxxxxxx>
Date: Mon Mar 6 23:13:47 2000

Hi Ray,


> I am told that I am running my webserver as root, which is a bad security
> hole.  My perl scripts are having problem creating directories and files
> and
> reading/writing.  I have fiddled with permissions and ownerships a lot,
> but
> haven't figured it out yet.

who told you? By default the RaQ2 http-daemon runs as user "httpd". It's
right that the very first httpd-prozess is run by root but all others are
run by the user you specified in your /etc/httpd/conf/httpd.conf by the
directive "user".

As said, that is httpd by default. If your hoster has changed this without
exactly knowing what he does it's not so good. Because the user/group modell
on the RaQ depends on the correct settings.

I'll try to help you out but I need some more information. What user is
defined in httpd.conf? What shows a:

ps aux | grep httpd

Who is the owner of the files in your web-directories (SiteAdmin and httpd
or anyone else)?

hth
volker

Follow-Ups:
- Re: [cobalt-users] security hole
  - From: Mat Kovach

Prev by Date: [cobalt-users] pop before relay question
Next by Date: Re: [cobalt-users] Problem with POP before SMTP ?
Previous by thread: [cobalt-users] security hole
Next by thread: Re: [cobalt-users] security hole

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index