Home page logo

basics logo Security Basics mailing list archives

Re: some permission problem?
From: Jason Burroughs <jdog1016 () hotpop com>
Date: Tue, 06 May 2003 22:20:36 -0400

Read the section "Protecting Server Files by Default" in the Apache
documentation at

Hope that helps.

SB CH wrote:

Hello, all.
I found that some malicious man browsed /etc/passwd file by httpd. So
I would like to block to see /etc/passwd file by nobody(http user)
permission. but as you know, any shell logging users should have read
So, is there any method to enable this?
I think that only one method that all users are some group member
except nobody. and only group members can read the /etc/passwd file,
right? but this work is so so hard at my system.
Also, I saw that some commercial host baed ips can do this.
any patch is available?

Thanks in advance and sorry for poor english.

책상위에 다리 올리고 느긋하게 즐긴다... MSN 온라인 상영관

FastTrain has your solution for a great CISSP Boot Camp. The industry's most 
recognized corporate security certification track, provides a comprehensive 
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case 
studies and true hands-on utilization 
of pertinent security tools. For a limited time you can enter for a chance 
to win one of the latest technological innovations, the SEGWAY HT. 
Log onto http://www.securityfocus.com/FastTrain-security-basics 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]