[Gllug] apache virtual hosts
Mark Lowes
hamster at korenwolf.net
Thu Jul 11 16:13:19 UTC 2002
On Thu, 2002-07-11 at 17:01, Jim Bailey wrote:
> On Thu, Jul 11, 2002 at 09:09:01AM +0100, Mark Lowes wrote:
[...]
> > We use symlinks on the core boxen to link the massvhosting directories
[..]
> I am probably getting the wrong end of the stick here but I though
> symlinks were bad security on a web server.
> http://seaglass.com/securing_apache.html
Anything which means an open port is a security problem, allowing users
to create symlinks is a problem (don't allow that where possible),
letting users access to a scripting language (asp, php, python, jsp, etc
etc) is a security problem. It comes down to a balance between complete
paranoia and stupidly open.
--
The Flying Hamster <hamster at korenwolf.net>
http://www.korenwolf.net/
The only things to do with an enemy are make a friend of him or kill
him. Leaving him alive and still an enemy is foolish.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 192 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20020711/2dd029f5/attachment.pgp>
More information about the GLLUG
mailing list