Re: thttpd

From: Michele Andreoli (m.andreoli@tin.it)
Date: Fri Apr 14 2000 - 11:37:59 CEST

• Next message: Michele Andreoli: "Re: linux kernel 2.0.38"
• Previous message: Michele Andreoli: "Re: thttpd"
• In reply to: winsor: "Re: thttpd"
• Next in thread: Clive Wright: "Re: thttpd"
• Reply: Clive Wright: "Re: thttpd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, Apr 13, 2000 at 06:25:22PM -0500, winsor nicely wrote:
> Clive,
> When using Thttpd one MUST give data files(images, text, html) chmod
> 644, and executables chmod 755......this is for security purposes to
> keep a script with incorrect permission from being viewed by a possibly
> hostile user.
> As far as the chroot() call this is the default compilation option, and
> doesn't allow access outside the chosen root directory in any way...

It is true. This is the option "-d" in httpd: it perfome a chroot(), but
symlinks strangely works.

Michele

-- 
I'd like to conclude with a positive statement, but I can't 
remember any. Would two negative ones do?       -- Woody Allen
---------------------------------------------------------------------
To unsubscribe, e-mail: mulinux-unsubscribe@sunsite.auc.dk
For additional commands, e-mail: mulinux-help@sunsite.auc.dk

• Next message: Michele Andreoli: "Re: linux kernel 2.0.38"
• Previous message: Michele Andreoli: "Re: thttpd"
• In reply to: winsor: "Re: thttpd"
• Next in thread: Clive Wright: "Re: thttpd"
• Reply: Clive Wright: "Re: thttpd"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.6 : Sat Feb 08 2003 - 15:27:13 CET