[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] RaQ3i -- CGI-BIN Breaks

Subject: Re: [cobalt-users] RaQ3i -- CGI-BIN Breaks
From: flash22@xxxxxxx
Date: Tue Jun 20 14:43:49 2000

On Mon, 19 Jun 2000 PyschoCotic@xxxxxxx wrote:
> I have 230 domains on my RaQ3i and all of a sudden CGI-Bin's are 
> accessible... For example people are able to view the directory structure by 
> visiting
> http://www.adomain.com/cgi-bin
> 
> I see this as a huge security issue in the Cobalt RaQ and after calling 
> Cobalt they told me "Strange things happen when you have a lot of domains."  
> They told me to add a line of code to every single <VirtualHost> tag in 
> httpd.conf
> 
> A little NUTS HUH?  Considering I have 230 domains?  Would someone like to 
> help me find a better solution?  I'm thinking everyones going to need it soon 
> or a later, maybe I was the first person to hit 230 domains?  Anyone know how 
> I can fix this with a simple line of code?

nutz and not a very good fix as the implication is that the server is
having problems reading access control info (running out of file
descripters seems likely given the size of the number ;0

my inclination would be to turn directory indexing off server wide, so
it's off by default , and then turn it on only where you actully want this
behaviour (if anywhere)

ie: find Options Indexes and change it to Options -Indexes

(if you do this before the virtual host sections it should get inherited
by all of them )

References:
- [cobalt-users] RaQ3i -- CGI-BIN Breaks
  - From: PyschoCotic

Prev by Date: RE: [cobalt-users] RaQ3i -- CGI-BIN Breaks
Next by Date: Re: Re[2]: [cobalt-users] /var removal and root password
Previous by thread: RE: [cobalt-users] RaQ3i -- CGI-BIN Breaks
Next by thread: Re: [cobalt-users] RaQ3i -- CGI-BIN Breaks

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index