From owner-freebsd-ports Thu Feb 8 4:42: 7 2001 Delivered-To: freebsd-ports@freebsd.org Received: from fling.sanbi.ac.za (fling.sanbi.ac.za [196.38.142.119]) by hub.freebsd.org (Postfix) with ESMTP id C28C537B503; Thu, 8 Feb 2001 04:41:47 -0800 (PST) Received: from johann by fling.sanbi.ac.za with local (Exim 3.13 #4) id 14QqO5-000FoL-00; Thu, 08 Feb 2001 14:41:25 +0200 Date: Thu, 8 Feb 2001 14:41:25 +0200 From: Johann Visagie To: Neil Blakey-Milner Cc: Kris Kennaway , ports@FreeBSD.org, sheldonh@freebsd.org Subject: Re: Needed: apache/httpd ports to use 'www' user Message-ID: <20010208144125.I56586@fling.sanbi.ac.za> References: <20010207014012.B22502@mollari.cthul.hu> <20010207115736.A37769@rapier.smartspace.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010207115736.A37769@rapier.smartspace.co.za>; from nbm@mithrandr.moria.org on Wed, Feb 07, 2001 at 11:57:37AM +0200 Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Neil Blakey-Milner on 2001-02-07 (Wed) at 11:57:37 +0200: > > I prefer a "httpd" bikeshed - it's less likely to have been used by > others (and I've seen lots of places with a "www" group, and > group-writable web pages). I personally use "apache", but that may be > too specific; but I like specific. > > I've been working on moving zope to user zope - it's also the way I run > it by default. "squid" is another good target. Moving off at a slight tangent... what about alternative MTAs (where "alterntive" means "non-sendmail")? The only alternative MTA I use fairly often is Exim, and I recently noted that the FreeBSD port of Exim is still installed to run as root. There are certainly some security advantages to be gained from running it as a non-privileged user (though this could imply fiddling with the permissions of various spool directories). Does this apply to other alternative MTAs as well? If so, should there be one "mail" user for all of them, or should they each create their own sanbox user? [ CC to sheldonh, as I've been talking to him about the Exim port recently ] -- Johann To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message