On Thu, Sep 26, 2002 at 01:30:23PM +0800, Patrick Hsieh wrote:
> Now that apache has FollowSymLinks and SymLinksIfOwnerMatch options,
> there's still some security issue. For example, someone cp /etc/passwd
> to his home directory(/home/foo/passwd), create a symbolic link from
> /home/foo/passwd t
nate said:
> IMO ldap is more secure then NIS/NIS+ because it does not depend
> upon RPC services(which historically have many security problems).
one more thing to mention in regards to LDAP. With PAM/NSS LDAP
you can configure your directory server to require authentication
for queries, so a
Patrick Hsieh said:
> Hello list,
>
> Now that apache has FollowSymLinks and SymLinksIfOwnerMatch options,
> there's still some security issue. For example, someone cp /etc/passwd to
> his home directory(/home/foo/passwd), create a symbolic link from
> /home/foo/passwd to /var/www/hidden_dir/passw
3 matches
Mail list logo
