apache chroot
Peter Mann
Peter.Mann na tuke.sk
Pondělí Červen 9 15:59:48 CEST 2003
Zdravim,
zvysi nastavenie apache web servera do chrootovaneho prostredia
bezpecnost web stranok v php? ake s tym mate skusenosti?
v takejto konfiguracii by aj pripadny utocnik mohol menit "iba" obsah
web stranok, mimo chroot prostredia by sa nemal dostat (hoci som nasiel
aj clanok o tom, ako to obist)
http://penguin.epfl.ch/chroot.html
http://hoohoo.ncsa.uiuc.edu/docs/tutorials/chroot.html
http://www.sdn.or.id/share/Debian-Doc/manuals/securing-debian-howto/ap-chroot-apache-env.en.html
http://www.tldp.org/LDP/solrhe/Securing-Optimizing-Linux-RH-Edition-v1.3/chap29sec254.html
http://linuxpub.w.interia.pl/howto/apache.html
http://www.jtz.org.pl/Inne/Apache_chroot_mini_HOWTO.html
v OpneBSD je to vraj uz "standard":
Chroot'd Apache now Standard
http://www.deadly.org/article.php3?sid=20020710120535
Chroot Break:
http://www.bpfh.net/simes/computing/chroot-break.html
zatial som to podrobne nestudoval, tak by ma zaujimal vas nazor a vase
skusenosti
--
5o Peter.Mann at tuke.sk
KLFMANiK ICQ 12491471
PM2185-RIPE
Další informace o konferenci Linux