[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-security] Anyone seen this before ?
- Subject: RE: [cobalt-security] Anyone seen this before ?
- From: "Malcolm Wild" <malcolm@xxxxxxxxxxx>
- Date: Thu, 26 Apr 2001 17:57:07 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
YEP - but the userID of 'nobody' would only be on the home/sites/siteX/WEB
folder not on the SITEX folder?
-----Original Message-----
From: cobalt-security-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-security-admin@xxxxxxxxxxxxxxx]On Behalf Of Bill Irwin
Sent: 26 April 2001 14:54
To: cobalt-security@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-security] Anyone seen this before ?
Malcolm,
When you publish sites with Frontpage, it sets up the user group as
"nobody". I don't think this is a big worry, since Frontpage REQUIRES
their pages to be this way. If you intend to upload CGI's on a frontpage
site, you should FTP them to the location and make sure privs are set as
chmod 755 *NOT* 777...that would be bad!
Malcolm Wild wrote:
>
> was:
> drwxrwsr-x 5 httpd site57 1024 Feb 7 14:38 site57
> now:
> ?--Sr-s--- 0 4120 root 416 Jan 1 1970 site57
> WHY!?!
>
> How can I convert the ? 'file' back to a folder again
>
> Also:
> drwxrwsr-x 5 nobody site61 1024 Jun 8 2000 site61
> some later site are created as NOBODY not httpd but httpd running as user
> root??
> I can't have nobody as the site owner for all the domains cos anyone can
> read write anywhere!
>
> RaQ2 total standard patched up
> only root has telnet/ssh
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
--
Bill Irwin
Technical Support Engineer
Sun Microsystems, Inc.
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security