Re: [EMAIL PROTECTED] Apache Security Problem

2008-05-14 Thread Joshua Slive
On Wed, May 14, 2008 at 10:31 AM, Andre Hübner <[EMAIL PROTECTED]> wrote: > Hi List, > > System: Suse 10.1, Apache 2.2.8 > > it seems that i have a security problem with script-created symlinks. > > I have a little php-script that creates with symlink(); a symbolic link to > other file of other us

[EMAIL PROTECTED] Apache Security Problem

2008-05-14 Thread Andre Hübner
Hi List, System: Suse 10.1, Apache 2.2.8 it seems that i have a security problem with script-created symlinks. I have a little php-script that creates with symlink(); a symbolic link to other file of other user. when starting this script as nonroot using php-cli it is successful only if chmo

[EMAIL PROTECTED] Apache security(static compile,jail,obscurity...etc)

2007-09-11 Thread AFrieze
Hi Everyone I was wondering how far you guys go in terms of security. I'm mainly interested in response from people running apps that deal with sensitive data, like credit cards. Do you disable all unneeded modules, compile from source and statically compile every needed module, disabling

[EMAIL PROTECTED] Apache Security connecting to Microsoft SQL

2006-09-28 Thread Jones Scott - sjones
Has anyone connected Apache’s security up to Microsoft SQL?  Can not find any examples of this as an option.   Thanks * The information contained in this communication is confidential, is intended only for the use

Re: [EMAIL PROTECTED] apache security patches

2006-01-08 Thread Joshua Slive
On 1/8/06, Chris <[EMAIL PROTECTED]> wrote: > Hi reffering to these. > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357 > > Is their patches for these? or is anyone who wants to close the holes > expected to use beta code?

[EMAIL PROTECTED] apache security patches

2006-01-07 Thread Chris
Hi reffering to these.   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3352 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3357   Is their patches for these? or is anyone who wants to close the holes expected to use beta code?   thanks   Chris

Re: [EMAIL PROTECTED] Apache security

2005-10-05 Thread Joshua Slive
On 10/5/05, Pedro <[EMAIL PROTECTED]> wrote: > > Hi, > > I have Apache 1.3 working with virtual hosts, PHP, mod_perl but I need to > find a way of allowing one specific virtual host to access and write to > files owned by root and other system users. I've looked into suEXEC but it > is not enough s

[EMAIL PROTECTED] Apache security

2005-10-05 Thread Pedro
Hi,   I have Apache 1.3 working with virtual hosts, PHP, mod_perl but I need to find a way of allowing one specific virtual host to access and write to files owned by root and other system users. I've looked into suEXEC but it is not enough since there are many different owned files I have