|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Local problem with Apache
From: Maurycy Prodeus (z33d
eth-security.net)Date: Wed Nov 08 2000 - 16:28:19 CST
- Next message: Gustavo Gibson da Silva: "Substitute for getpw* functions"
- Previous message: Chris Evans: "Re: Wanted: gcc warning :-)"
- In reply to: Pavel Kankovsky: "Re: Local problem with Apache"
- Reply: Maurycy Prodeus: "Re: Local problem with Apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 8 Nov 2000, Pavel Kankovsky wrote:
> > I think, they should warn us in httpd.conf, at least...
>
> They warn us in the manual: see the section titled "Permissions on
> ServerRoot Directories" in "Security Tips for Server Configuration".
Sorry, I missed it. So ... another trap in
configurations ;> Conclusion is simple,
when you find a bug, look at documentation...
The first step of audit should be reading it. :)
"Real hackers" don't read documentation, but
raw sources :)
- z33d
-- __--> http://z33d.eth-security.net/job.html :)
- Next message: Gustavo Gibson da Silva: "Substitute for getpw* functions"
- Previous message: Chris Evans: "Re: Wanted: gcc warning :-)"
- In reply to: Pavel Kankovsky: "Re: Local problem with Apache"
- Reply: Maurycy Prodeus: "Re: Local problem with Apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]