httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Remco Bressers <re...@signet.nl>
Subject Re: [users@httpd] Directorylisting files root:wheel
Date Fri, 27 Aug 2004 14:58:58 GMT
Joshua Slive wrote:

>On Fri, 27 Aug 2004 16:44:57 +0200, Remco Bressers <remco@signet.nl> wrote:
>
>  
>
>>Alright,.. so i guess compiling Apache with -DBIG_SECURITY_HOLE is the
>>only 'easy' way of doing this?
>>Are there any caveats in doing this? I will be the only one having
>>access to the webroot of Apache, so no-one will be able to put scripts
>>(php) or whatever overthere. Are there any other things i need to be
>>aware of before running Apache as root ?!
>>    
>>
>
>Yep.  Apache is not designed to run as root, has not been tested
>running as root, and there is a strong liklihood you will create
>security problems if you run it as root.
>
>Sorry 'bout that, but I just don't think it is a good idea.
>  
>
So, my idea is just a 'no go' !? . .to bad :-(

Remco

>Joshua.
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>  
>


-- 

Met vriendelijke groet,
Signet B.V.
 
Remco Bressers
Network Engineer
 
E: rbressers@signet.nl
T: 0499 - 396 094
F: 0499 - 395 579
www.signet.nl
 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message