From owner-freebsd-questions Sat Jan 8 16:41:21 2000 Delivered-To: freebsd-questions@freebsd.org Received: from mx.cti.gr (kronos.cti.gr [150.140.1.25]) by hub.freebsd.org (Postfix) with SMTP id B457C14EE1 for ; Sat, 8 Jan 2000 16:41:18 -0800 (PST) (envelope-from keramida@diogenis.ceid.upatras.gr) Received: (qmail 9809 invoked from network); 9 Jan 2000 00:41:03 -0000 Received: from unknown (HELO localhost.hell.gr) (150.140.30.26) by kronos.cti.gr with SMTP; 9 Jan 2000 00:41:03 -0000 Received: (qmail 12659 invoked by uid 1001); 8 Jan 2000 14:51:22 -0000 Date: Sat, 8 Jan 2000 16:51:22 +0200 From: Giorgos Keramidas To: keith@mail.telestream.com Cc: freebsd-questions@freebsd.org Subject: Re: apache130-fp Message-ID: <20000108165122.A12562@hades.hell.gr> Reply-To: keramida@ceid.upatras.gr References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Jan 05, 2000 at 02:57:05PM -0800, keith@mail.telestream.com wrote: > > I've heard many people telling me to not have FP installed for users > on a server due to the security risks. I have yet to have anyone give > me an example of a situation where something was cracked or crashed > due to an FP exploit. Is this just M$ hate mongering or is there a > valid reason to not allow them on the servers? Oh, well... since nobody else did answer on this one ;) If by `FP' you mean the FrontPage extensions for Apache servers, then it's clearly not the best thing you could do to your installation of Apache, thank you! That is because with theses extensions, some of the control over who gets to write to a file and which permissions it will take are managed by these `extensions'. More efficient ways can be found to manage your web server pages. I've always preferred Samba for sharing with Windows using colleagues parts of my filesystems. This has several advantages, like: 1) Samba lets me control who gets to see what, where write permissions are granted, who can browse my shares, etc. 2) It's easier to get an idea of the current `state' of the shared directories with the usual Unix tools, like ls(1), find(1), etc. With FP-extensions there might be some change that's on the `air' when I use my ls(1) commands to browse the directory, which change I will quite probably fail to see ;) The load of a machine that does not need to run Apache but shares with Samba is a lot less than if Apache was running. Be it with an Apache that uses shared objects or not, the memory gains are somewhat important too for me [on a 32 Mb machine, every byte is important]. The bottom line is, you don't need to use FrontPage extensions. You can use plain good ol' Samba and share files with your Unices pretty much the same way that Windows users share their 'neighborhood'. Ciao. -- Giorgos Keramidas, < keramida @ ceid . upatras . gr > "What we have to learn to do, we learn by doing." [Aristotle] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message