[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Anyone seen this before ?

Subject: Re: [cobalt-security] Anyone seen this before ?
From: Bill Irwin <bill_irwin@xxxxxxxx>
Date: Thu, 26 Apr 2001 09:54:08 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Malcolm,

When you publish sites with Frontpage, it sets up the user group as
"nobody". I don't think this is a big worry, since Frontpage REQUIRES
their pages to be this way. If you intend to upload CGI's on a frontpage
site, you should FTP them to the location and make sure privs are set as
chmod 755 *NOT* 777...that would be bad!


Malcolm Wild wrote:
> 
> was:
> drwxrwsr-x   5 httpd    site57       1024 Feb  7 14:38 site57
> now:
> ?--Sr-s---   0 4120     root          416 Jan  1  1970 site57
> WHY!?!
> 
> How can I convert the ? 'file' back to a folder again
> 
> Also:
> drwxrwsr-x   5 nobody   site61       1024 Jun  8  2000 site61
> some later site are created as NOBODY not httpd but httpd running as user
> root??
> I can't have nobody as the site owner for all the domains cos anyone can
> read write anywhere!
> 
> RaQ2 total standard patched up
> only root has telnet/ssh
> 
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security

-- 
Bill Irwin
Technical Support Engineer
Sun Microsystems, Inc.

Follow-Ups:
- RE: [cobalt-security] Anyone seen this before ?
  - From: Malcolm Wild

References:
- [cobalt-security] Anyone seen this before ?
  - From: Malcolm Wild

Prev by Date: RE: [cobalt-security] Antivirus?
Next by Date: [cobalt-security] DNSTelecom AntiVirus Any Experience ?
Previous by thread: [cobalt-security] Anyone seen this before ?
Next by thread: RE: [cobalt-security] Anyone seen this before ?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index