Running webserver as apache?
am 10.04.2008 19:21:20 von Mandy Singh
------=_Part_12756_24342795.1207848080554
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi,
I need to know if its a good idea to run webserver as user 'apache', have
all files in webroot owned by user apache and perms 644?
Would this still mean that if server runs as apache and it has read/write
access, someone could take advantage of loop holes on the site and overwrite
some files on our site?
Can someone comment?
Thanks,
Mandy.
------=_Part_12756_24342795.1207848080554
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Hi,
I need to know if its a good idea to run webserver as user 'apache', have all files in webroot owned by user apache and perms 644?
Would this still mean that if server runs as apache and it has read/write access, someone could take advantage of loop holes on the site and overwrite some files on our site?
Can someone comment?
Thanks,
Mandy.
------=_Part_12756_24342795.1207848080554--
Re: Running webserver as apache?
am 11.04.2008 16:05:40 von Mandy Singh
------=_Part_9077_5751217.1207922740264
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Anyone?
On Thu, Apr 10, 2008 at 10:51 PM, Mandy Singh wrote:
> Hi,
>
> I need to know if its a good idea to run webserver as user 'apache', have
> all files in webroot owned by user apache and perms 644?
>
> Would this still mean that if server runs as apache and it has read/write
> access, someone could take advantage of loop holes on the site and overwrite
> some files on our site?
>
> Can someone comment?
>
> Thanks,
> Mandy.
>
------=_Part_9077_5751217.1207922740264
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Anyone?
On Thu, Apr 10, 2008 at 10:51 PM, Mandy Singh <> wrote:
Hi,
I need to know if its a good idea to run webserver as user 'apache', have all files in webroot owned by user apache and perms 644?
Would this still mean that if server runs as apache and it has read/write access, someone could take advantage of loop holes on the site and overwrite some files on our site?
Can someone comment?
Thanks,
Mandy.
------=_Part_9077_5751217.1207922740264--
AW: Re: Running webserver as apache?
am 11.04.2008 16:27:28 von christian.folini
------_=_NextPart_001_01C89BE0.2BC695F5
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Hi Mandy,
=20
> I need to know if its a good idea to run webserver as
> user 'apache', have all files in webroot owned by user=20
> apache and perms 644?
=20
It's not exactly a good idea, but if you are in a situation=20
where the advantage outweighs the problems, then go ahead.
=20
> Would this still mean that if server runs as apache=20
> and it has read/write access, someone could take=20
> advantage of loop holes on the site and overwrite=20
> some files on our site?
=20
Simply speaking yes.
=20
You may also want to look into the mod_suexec.
=20
regs,
=20
Christian Folini
------_=_NextPart_001_01C89BE0.2BC695F5
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
charset=3Dus-ascii">
Hi=20
Mandy,
class=3D209512214-11042008>
size=3D2>
class=3D209512214-11042008>> I need to know if its a good idea =
to run=20
webserver as
class=3D209512214-11042008>> user 'apache', have all files in =
webroot=20
owned by user
class=3D209512214-11042008>> apache and perms=20
644?
It's =
not exactly a=20
good idea, but if you are in a situation
where =
the advantage=20
outweighs the problems, then go ahead.
class=3D209512214-11042008>
class=3D209512214-11042008>>=20
Would this still mean that if server runs as apache =
class=3D209512214-11042008>> and it has read/write =
access,
class=3D209512214-11042008>
>
face=3DArial>someone could take =
class=3D209512214-11042008>> advantage of loop holes on the =
site and=20
overwrite
class=3D209512214-11042008>> some files on our=20
site?
Simply =
speaking=20
yes.
size=3D2>
You =
may also want to=20
look into the mod_suexec.
size=3D2>
class=3D209512214-11042008>
size=3D2>
size=3D2>regs,
size=3D2>
size=3D2>Christian=20
Folini
------_=_NextPart_001_01C89BE0.2BC695F5--
Re: Re: Running webserver as apache?
am 11.04.2008 20:14:56 von j k
------=_Part_7274_13742672.1207937696260
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On Fri, Apr 11, 2008 at 7:27 AM, wrote:
> Hi Mandy,
>
> > I need to know if its a good idea to run webserver as
> > user 'apache', have all files in webroot owned by user
> > apache and perms 644?
>
> It's not exactly a good idea, but if you are in a situation
> where the advantage outweighs the problems, then go ahead.
>
> > Would this still mean that if server runs as apache
> > and it has read/write access, someone could take
> > advantage of loop holes on the site and overwrite
> > some files on our site?
>
> Simply speaking yes.
>
> You may also want to look into the mod_suexec.
>
> regs,
>
> Christian Folini
>
Hi Christian,
could you point us to any discussion on this topic. I'm interested to know
the pros and cons.
Thanks
Jonny
------=_Part_7274_13742672.1207937696260
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
On Fri, Apr 11, 2008 at 7:27 AM, <christian.folini@post.ch> wrote:
Hi
Mandy,
> I need to know if its a good idea to run
webserver as
> user 'apache', have all files in webroot
owned by user
> apache and perms
644?
It's not exactly a
good idea, but if you are in a situation
where the advantage
outweighs the problems, then go ahead.
>
Would this still mean that if server runs as apache
> and it has read/write access, someone could take
> advantage of loop holes on the site and
overwrite
> some files on our
site?
Simply speaking
yes.
You may also want to
look into the mod_suexec.
regs,
Christian
Folini
could you point us to any discussion on this topic. I'm interested to know the pros and cons.
Thanks
Jonny
------=_Part_7274_13742672.1207937696260--