Date: Thu, 5 Sep 2002 08:24:23 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Billy Joe Jim Bob <jamie@gnulife.org> Cc: freebsd-newbies@FreeBSD.ORG Subject: Re: Security hole with Lynx Message-ID: <20020905052423.GL8069@hades.hell.gr> In-Reply-To: <20020904234114.Q98124-100000@floyd.gnulife.org> References: <20020904234114.Q98124-100000@floyd.gnulife.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2002-09-04 23:44 +0000, Billy Joe Jim Bob wrote: > I've just discovered a security hole in one of my servers. It is > FreeBSD 4.5 and I am running Apache on it. I've installed Lynx and the > permissions on Lynx are 555, owned by root.wheel. Since it has world > executable permission, anyone can download from anyones directory on the > machine by simply connecting to localhost. What is the best way to buttun > that up so that everyone can use the browser, but not everyone can access > anybodys files? That seems more like an Apache configuration issue, than a lynx problem. -- FreeBSD: The Power to Serve -- http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-newbies" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020905052423.GL8069>