Security Basics mailing list archives
Re: some permission problem?
From: buzzdee <reitenba () fh-brandenburg de>
Date: Wed, 7 May 2003 08:27:19 +0200
Am Dienstag, 6. Mai 2003 09:29 schrieb SB CH:
Hello, all. I found that some malicious man browsed /etc/passwd file by httpd. So I would like to block to see /etc/passwd file by nobody(http user) permission.
you don't need to worry about the permissions of your /etc/passwd file (of course you should ;-) if you want to stop users getting it over http. just add a directive like for your .htaccess files. <Files ~ "^passwd"> Order allow,deny Deny from all </Files> this directive in your httpd.conf should stop users from download files calld passwd. hth buzzdee --------------------------------------------------------------------------- FastTrain has your solution for a great CISSP Boot Camp. The industry's most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-security-basics ----------------------------------------------------------------------------
Current thread:
- some permission problem? SB CH (May 06)
- Re: some permission problem? Remington Winters (May 07)
- Re: some permission problem? Jeff Harris (May 07)
- Re: some permission problem? martincad (May 07)
- Re: some permission problem? Jason Burroughs (May 08)
- Re: some permission problem? buzzdee (May 07)
- Re: some permission problem? Meritt James (May 07)
- Re: some permission problem? Jason Burroughs (May 07)
- Re: some permission problem? Barry Irwin (May 08)
- <Possible follow-ups>
- Re: some permission problem? SB CH (May 09)
- Re: some permission problem? Devdas Bhagat (May 12)
- Re: some permission problem? Remington Winters (May 07)