[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] /tmp/-v ?

Subject: Re: [cobalt-security] /tmp/-v ?
From: shimi <shimi@xxxxxxxxxxxxxxxx>
Date: Mon, 28 May 2001 13:30:23 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Sun, 27 May 2001, Gerald Waugh wrote:

> > > Regarding httpd, yes, that's correct. You should have two httpd processes
> > > running as root (at least)
> > > 
> > > which are the admserv and the normal httpd listening on port 80 and 81.
> > > they must run as root for a very simple reason - normal users can't listen
> > > on ports 1-1024. (or 1023, i'm not sure, anyhow it's within range)
> > > 
> With SSL:
> admserv listening on ports 81,443 and 444, normal httpd listening of port 80.
> Without SSL:
> admserv listening on ports 81,and 444, normal httpd listening of port 80.
> Is this correct?
> Gerald

I have only with SSL, and I think you're wrong...

because my URL is https://www.domain.com:81/blablabla

I believe that the : who states the port bypassws all defaults... besides,
if admserv listens on the normal httpd's security (ssl) port, where is
httpd (normal) listens? think about it :)

I believe admserv always listens on 81, and serves SSL if an SSL cert is
installed. I might be wrong, of course :0

- shimi.

Follow-Ups:
- Re: [cobalt-security] /tmp/-v ?
  - From: fsn
- Re: [cobalt-security] /tmp/-v ?
  - From: Gerald Waugh

References:
- Re: [cobalt-security] /tmp/-v ?
  - From: Gerald Waugh

Prev by Date: [cobalt-security] ftp access
Next by Date: Re: [cobalt-security] /tmp/-v ?
Previous by thread: Re: [cobalt-security] /tmp/-v ?
Next by thread: Re: [cobalt-security] /tmp/-v ?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index