Network Security: Detailed info on Re: Apache+PHP+ftp security

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Focus-Linux

[Top] [All Lists]

Re: Apache+PHP+ftp security

from [Eduardo Tongson] Network Security

[Permanent Link]

Subject:	Re: Apache+PHP+ftp security
Date:	Tue, 29 Mar 2005 00:27:17 +0800

On Fri, 25 Mar 2005 19:54:44 +0100, abend <roy@clusterdigital.com> wrote:

In order to solve my problem, my questions are:
- Can i run apache's child processes with an arbitrary user
(configured in a VirtualHost basis)? This solve the second problem,
but is this a good idea?


With your requirements I dont see it being a problem.
I think you should also check out suExec with FastCGI(mod_fastcgi) for
php serving

- Does anyone know how to do the first configuration works as
expected? This solves the problem (safe_mode not needed).
- any other ideas?


Have the upload directory be sgid www-data

-- 
                                                    Eduardo Tongson     
                                                    <pornadmin.net/~tongson>
                                                    <dragonflybsd.sf.net>

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Apache+PHP+ftp security, abend Re: Apache+PHP+ftp security, Eduardo Tongson <= Re: Apache+PHP+ftp security, Shawn Parker Re: Apache+PHP+ftp security, Kalevi Nyman Re: Apache+PHP+ftp security, Mailinglists Address Re: Apache+PHP+ftp security, Anton Titov RE: Apache+PHP+ftp security, Scott Fagg Re: Apache+PHP+ftp security, blogleser-8 Re[2]: Apache+PHP+ftp security, barti

Previous by Date:	Apache+PHP+ftp security, abend
Next by Date:	Re: OpenVPN?, grep
Previous by Thread:	Apache+PHP+ftp security, abend
Next by Thread:	Re: Apache+PHP+ftp security, Shawn Parker
Indexes:	[Date] [Thread] [Top] [All Lists]