488889

Suse openSUSE 12.2 Manual

416
Zoom out
Zoom in
Previous page
1/530
Next page
20.7.3 File System Access
By default, access to the whole le system is denied in /etc/apache2/httpd
.conf. You should never overwrite these directives, but specically enable access to
all directories Apache should be able to read. For details, see Section “Basic Virtual
Host Conguration” (page 368). In doing so, ensure that no critical les, such as password
or system conguration les, can be read from the outside.
20.7.4 CGI Scripts
Interactive scripts in Perl, PHP, SSI, or any other programming language can essentially
run arbitrary commands and therefore present a general security issue. Scripts that will
be executed from the server should only be installed from sources the server adminis-
trator trusts—allowing users to run their own scripts is generally not a good idea. It is
also recommended to do security audits for all scripts.
To make the administration of scripts as easy as possible, it is common practice to
limit the execution of CGI scripts to specic directories instead of globally allowing
them. The directives ScriptAlias and Option ExecCGI are used for congura-
tion. The openSUSE default conguration does not allow execution of CGI scripts from
everywhere.
All CGI scripts run as the same user, so different scripts can potentially conict with
each other. The module suEXEC lets you run CGI scripts under a different user and
group.
20.7.5 User Directories
When enabling user directories (with mod_userdir or mod_rewrite) you should
strongly consider not allowing .htaccess les, which would allow users to overwrite
security settings. At least you should limit the user's engagement by using the directive
AllowOverRide. In openSUSE, .htaccess les are enabled by default, but the
user is not allowed to overwrite any Option directives when using mod_userdir
(see the /etc/apache2/mod_userdir.conf conguration le).
398 Reference
416


Need help? Post your question in this forum.

Forumrules


Report abuse

Libble takes abuse of its services very seriously. We're committed to dealing with such abuse according to the laws in your country of residence. When you submit a report, we'll investigate it and take the appropriate action. We'll get back to you only if we require additional details or have more information to share.

Product:

For example, Anti-Semitic content, racist content, or material that could result in a violent physical act.

For example, a credit card number, a personal identification number, or an unlisted home address. Note that email addresses and full names are not considered private information.

Forumrules

To achieve meaningful questions, we apply the following rules:

Register

Register getting emails for Suse openSUSE 12.2 at:


You will receive an email to register for one or both of the options.


Get your user manual by e-mail

Enter your email address to receive the manual of Suse openSUSE 12.2 in the language / languages: English as an attachment in your email.

The manual is 8,65 mb in size.

 

You will receive the manual in your email within minutes. If you have not received an email, then probably have entered the wrong email address or your mailbox is too full. In addition, it may be that your ISP may have a maximum size for emails to receive.

Others manual(s) of Suse openSUSE 12.2

Suse openSUSE 12.2 Quick start guide - English - 284 pages


The manual is sent by email. Check your email

If you have not received an email with the manual within fifteen minutes, it may be that you have a entered a wrong email address or that your ISP has set a maximum size to receive email that is smaller than the size of the manual.

The email address you have provided is not correct.

Please check the email address and correct it.

Your question is posted on this page

Would you like to receive an email when new answers and questions are posted? Please enter your email address.



Info