'[Cooker] [Bug 17406] [apache-conf] RESOLVED: DocumentRoot should not be owned by the apache user'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mandrake-cooker
Subject:    [Cooker] [Bug 17406] [apache-conf] RESOLVED: DocumentRoot should not be owned by the apache user
From:       "oeriksson () mandriva ! com" <bugzilla () qa ! mandrivalinux ! com>
Date:       2005-08-31 20:41:30
Message-ID: bug17406.20050831204130.360961 () qa ! mandriva ! com
[Download RAW message or body]

User ID: 1324, 19 bugs reported (105 fixed, 0 duplicate, 0 invalid), 389 comments.

http://qa.mandriva.com/show_bug.cgi?id=17406


oeriksson@mandriva.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |FIXED




------- Comment #2 from oeriksson@mandriva.com  2005-08-31 22:41 -------
Fixed now.


-- 
Configure bugmail: http://qa.mandriva.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


------- Reminder: -------
assigned_to: oeriksson@mandriva.com
status: RESOLVED
distribution: cooker
creation_date: 
description: 
It's bad security to have the DocumentRoot dir/files (and any files/dirs below
it, actually) owned by "apache:apache". A bad cgi/module can just wipe out those
files, for example.

Apache should only be granted permission to write where explicitly needed by
some application.

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic