Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 06/01/09 in all areas

  1. 1 point
    Damn, happy birthday, mate!
  2. 1 point
    One final point in terms of security... Apache usually runs under a non-privileged account (httpd, www-data, etc - depending upon your distro) so this account needs: read access to any website content read and execute access to any website directories (execute priv = directory traversal permission) write access to any directories that it needs to amend content in (eg: caches, config dirs, upload dirs). The first two are quite easy: chmod 644 on any files and 755 on any directories and you're away. However, this also means that anyone else on the server can access website content, meaning they could be exposed to confidential information (such as database credentials, backdoor passwords, etc). Rather than set the content world-readable, two alternative options are: set the GROUP of the files/directories to match the group of the webserver account (www-data or the httpd group) then set file permissions to 640 and dirs to 750 Install suPHP on Apache, and set the content back to owner-only accessible. The first is probably a quick and dirty method of doing it, but restricts the content to read/write for owner and read-only for Apache (and nothing for anyone else), thus preventing anyone outside of the website owner and apache to access that content. The second is preferable - it makes Apache perform a "su" to the website owner, accessing it as though it owned the content. This means that all cache data and config files just need to be read/writeable by the owner - no messing about with allowing apache groups or world read-access. So why not go for that latter option all the time? There are some downsides: it requires some configuration at the Apache end, in particular a custom php.ini file per-site it requires setting file/dir permissions carefully, since suPHP will abort serving up content if the mode (owner/group/permissions) do not exactly match that in the suphp config file there is an additional processing overhead (apache needs to keep switching user prior to accessing/delivering content) which can impact busy sites. The alternative is that you set all content to 777 and not worry about it, which is what a lot of new web administrators do. And then they wonder how they got cracked, why they're serving up trojans and exploits on their websites, and how their server has become part of a spam-spewing botnet. I'm afraid "but I didn't know" isn't an adequate defence. "But I didn't research and thus permitted something easily exploitable to be let loose on the internet" is more accurate. Practise safe web administration, people. You know it makes sense!
  3. 1 point
    the easy way as root cd to the 'document root path' of your apache server and do as follows find . -type f -exec chmod 644 {} \; && find . -type d -exec chmod 755 {} \; this sets all your files to 644 and all your directories to 755 for example, cd /usr/local/apache/website/mystuff find . -type f -exec chmod 644 {} \; && find . -type d -exec chmod 755 {} \; cheers anyweb
  4. 1 point
  5. 1 point
    try starting empathy from a console and watch for error messages, post them here
  6. 1 point
    An 18 year old Italian girl tells her Mom that she has missed her period for 2 months. Very worried, the mother goes to the linuxtore and buys a pregnancy kit. The test result shows that the girl is pregnant. Shouting, cursing, crying, the mother says, "who was the pig that did this to you? I want to know!" The girl picks up the phone and makes a call. Half an hour later, a Ferrari stops in front of their house. A mature and distinguished man with gray hair and impeccably dressed in an Armani suit steps out of the of the Ferrari and enters the house. He sits in the living room with the father, mother, and the girl and tells them: "Good morning, your daughter has informed me of the problem. I can't marry her because of my personal family situation but I'll take charge. I will pay all costs and provide for your daughter for the rest of her life. Additionally, if a girl is born, I will bequeath a Ferrari, a beach house, 2 retail stores, a townhouse, a beachfront villa, and a $2,000,000 bank account. If a boy is born, my legacy will be a couple of factories and a $4,000,000 bank account. If twins, they will receive a factory and $2,000,000 each. However, if there is a miscarriage, what do you suggest I do?" At this point, the father, who had remained silent, places a hand firmly on the man's shoulder and tells him, "You do her again."
  7. 1 point
    first one that grabs me is an ssh tunnel? god i can hear my network admin crying.... he'll hate me for telling you! due to the fact of the security issues when a SSL based transfer is made the proxy simple opens the connect and doesn't tamper with it (correctly). Needless to say this is a huge hole in the proxy, so all you do it tunnel through.. currently or net admin is out smarting the users though, basically by forcing the issue with which port the SSL transfers can be made to, this stops bt/mule etc type connections. anyway.. im sure other ways exist, but
  8. 1 point
    ok.. this line maybe throwing you off... echo "%_topdir /home/yourname/src/rpm" >> ~/.rpmmacros should actually be echo "%_topdir $HOME/src/rpm" >> ~/.rpmmacros You might want to manually edit the file and remove the previous addition. If its not this... this is good, the package installed.. the warning is a nothing just saying the rpm isn't signed. give us an output this: ls -lR ~/src/rpm maybe the rpm is different?
×
×
  • Create New...