httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dgau...@hyperreal.org
Subject cvs commit: apachen/htdocs/manual/misc security_tips.html
Date Sun, 14 Dec 1997 00:49:20 GMT
dgaudet     97/12/13 16:49:20

  Modified:    htdocs/manual install.html
               htdocs/manual/misc security_tips.html
  Removed:     htdocs/manual install_1_1.html
  Log:
  We talk about a "proper installation" occasionally... and assume folks know
  how to set the perms on the serverroot.  But I don't think we document it
  anywhere.  Nowhere that's easily found direct from the "how to install"
  page.  Document it better, link to it.  Remove the install_1_1 docs.
  Update a 1.2 reference to 1.3.
  
  Revision  Changes    Path
  1.18      +4 -5      apachen/htdocs/manual/install.html
  
  Index: install.html
  ===================================================================
  RCS file: /export/home/cvs/apachen/htdocs/manual/install.html,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- install.html	1997/11/25 09:47:47	1.17
  +++ install.html	1997/12/14 00:49:18	1.18
  @@ -14,10 +14,7 @@
   >
   <!--#include virtual="header.html" -->
   
  -<H1 ALIGN="CENTER">Compiling and Installing Apache 1.2</H1>
  -
  -<P>If you wish to download and install an earlier version of Apache please
  -read <A HREF="install_1_1.html">Compiling and Installing Apache 1.1</A>.</P>
  +<H1 ALIGN="CENTER">Compiling and Installing Apache 1.3</H1>
   
   UnixWare users will want to consult <A HREF="unixware.html">build notes</A>
   for various UnixWare versions before compiling.
  @@ -128,7 +125,9 @@
   designed to be configured and run from the same set of directories
   where it is compiled. If you want to run it from somewhere else, make
   a directory and copy the <CODE>conf</CODE>, <CODE>logs</CODE> and
  -<CODE>icons</CODE> directories into it.  <P>
  +<CODE>icons</CODE> directories into it.  In either case you should
  +read the <a href="misc/security_tips.html#serverroot">security tips</a>
  +describing how to set the permissions on the server root directory.<P>
   
   The next step is to edit the configuration files for the server. This
   consists of setting up various <B>directives</B> in up to three
  
  
  
  1.11      +42 -10    apachen/htdocs/manual/misc/security_tips.html
  
  Index: security_tips.html
  ===================================================================
  RCS file: /export/home/cvs/apachen/htdocs/manual/misc/security_tips.html,v
  retrieving revision 1.10
  retrieving revision 1.11
  diff -u -r1.10 -r1.11
  --- security_tips.html	1997/07/06 17:19:07	1.10
  +++ security_tips.html	1997/12/14 00:49:19	1.11
  @@ -22,16 +22,48 @@
   
   <HR>
   
  -<H2>Permissions on Log File Directories</H2>
  -<P>When Apache starts, it opens the log files as the user who started the
  -server before switching to the user defined in the
  -<a href="../mod/core.html#user"><b>User</b></a> directive.  Anyone
who
  -has write permission for the directory where any log files are
  -being written to can append pseudo-arbitrary data to any file on the
  -system which is writable by the user who starts Apache.  Since the
  -server is normally started by root, you should <EM>NOT</EM> give anyone
  -write permission to the directory where logs are stored unless you
  -want them to have root access.
  +<a name="serverroot">
  +<H2>Permissions on ServerRoot Directories</H2></a>
  +<P>In typical operation, Apache is started by the root
  +user, and it switches to the user defined by the <a
  +href="../mod/core.html#user"><b>User</b></a> directive to serve hits.
  +As is the case with any command that root executes, you must take care
  +that it is protected from modification by non-root users.  Not only
  +must the files themselves be writeable only by root, but so must the
  +directories, and parents of all directories.  For example, if you
  +choose to place ServerRoot in <code>/usr/local/apache</code> then it is
  +suggested that you create that directory as root, with commands
  +like these:
  +
  +<blockquote><pre>
  +    mkdir /usr/local/apache
  +    cd /usr/local/apache
  +    mkdir bin conf logs
  +    chown 0 . bin conf logs
  +    chgrp 0 . bin conf logs
  +    chmod 755 . bin conf logs
  +</pre></blockquote>
  +
  +It is assumed that /, /usr, and /usr/local are only modifiable by root.
  +When you install the httpd executable, you should ensure that it is
  +similarly protected:
  +
  +<blockquote><pre>
  +    cp httpd /usr/local/apache/bin
  +    chown 0 /usr/local/apache/bin/httpd
  +    chgrp 0 /usr/local/apache/bin/httpd
  +    chmod 511 /usr/local/apache/bin/httpd
  +</pre></blockquote>
  +
  +<p>You can create an htdocs subdirectory which is modifiable by other
  +users -- since root never executes any files out of there, and shouldn't
  +be creating files in there.
  +
  +<p>If you allow non-root users to modify any files that root either
  +executes or writes on then you open your system to root compromises.
  +For example, someone could replace the httpd binary so that the next
  +time you start it, it will execute some arbitrary code.  Or someone
  +could overwrite the logs with arbitrary data.
   <P>
   <HR>
   <H2>Server Side Includes</H2>
  
  
  

Mime
View raw message