Date: Thu, 8 Feb 2001 14:41:25 +0200 From: Johann Visagie <johann@egenetics.com> To: Neil Blakey-Milner <nbm@mithrandr.moria.org> Cc: Kris Kennaway <kris@obsecurity.org>, ports@FreeBSD.org, sheldonh@freebsd.org Subject: Re: Needed: apache/httpd ports to use 'www' user Message-ID: <20010208144125.I56586@fling.sanbi.ac.za> In-Reply-To: <20010207115736.A37769@rapier.smartspace.co.za>; from nbm@mithrandr.moria.org on Wed, Feb 07, 2001 at 11:57:37AM %2B0200 References: <20010207014012.B22502@mollari.cthul.hu> <20010207115736.A37769@rapier.smartspace.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Neil Blakey-Milner on 2001-02-07 (Wed) at 11:57:37 +0200: > > I prefer a "httpd" bikeshed - it's less likely to have been used by > others (and I've seen lots of places with a "www" group, and > group-writable web pages). I personally use "apache", but that may be > too specific; but I like specific. > > I've been working on moving zope to user zope - it's also the way I run > it by default. "squid" is another good target. Moving off at a slight tangent... what about alternative MTAs (where "alterntive" means "non-sendmail")? The only alternative MTA I use fairly often is Exim, and I recently noted that the FreeBSD port of Exim is still installed to run as root. There are certainly some security advantages to be gained from running it as a non-privileged user (though this could imply fiddling with the permissions of various spool directories). Does this apply to other alternative MTAs as well? If so, should there be one "mail" user for all of them, or should they each create their own sanbox user? [ CC to sheldonh, as I've been talking to him about the Exim port recently ] -- Johann To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010208144125.I56586>