From: mikel king
To: David Brodbeck
Cc: FreeBSD Questions
Date: Tue, 7 Feb 2012 17:59:27 -0500
Subject: Re: fbsd safety of the ports
Message-Id: <6F081A41-0EA8-4DB4-8FB9-F2E9A75EC948@olivent.com>

On Feb 7, 2012, at 5:15 PM, David Brodbeck wrote:

> On Mon, Feb 6, 2012 at 9:37 AM, dick wrote:
>> I'm a bit confused. I always believed FreeBSD is a very safe system. That
>> may be true for the core files, but what about ports.
>>
>> On the net I read _never_ to let the webserver be the owner of its files and
>> yet, ports like Drupal or WordPress make the files rwx for the owner (www)
>> as well as the group (www). How does this fit into fbsd's safety policy?
>
> Content management systems are a bit of a sticky wicket for security.
>
> The reason for not allowing the web server user to own files is so
> that someone who hacks a web app can't modify the site contents. But
> the whole reason for running a CMS system is to allow modifying the
> site contents via a web app.
>
> One compromise, used by TWiki and some other systems, is to make the
> content writable by web processes but the actual code read-only.
> That's more secure but it requires a lot of manual intervention for
> updates and configuration changes. You *can* run WordPress this way,
> and it will be more secure, but you'll lose the automated update
> functionality as well as most of the web GUI configuration capability.
> Not necessarily a problem if you have good command line fu, but it
> can get tedious.

Sounds like a good area for a maintenance tool script. Run the script prior to updates/config changes to temporarily open the permissions. After the update has been completed rerun the script to re-secure the permissions. Probably included a little db back in the preparation.

Thoughts?

m
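
The lock/unlock maintenance script discussed in this message, sketched as an added example that is not code from the thread or from any port. The admin owner `root`, a group named the same as the web user `www`, the content path `wp-content/uploads` and the `BACKUP_CMD` hook are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread. Assumed names: web user and group
# "www", admin owner "root", content directory "wp-content/uploads".
WEB_USER="${WEB_USER:-www}"
ADMIN_USER="${ADMIN_USER:-root}"
CONTENT_DIR="${CONTENT_DIR:-wp-content/uploads}"
BACKUP_CMD="${BACKUP_CMD:-}"   # optional hook, e.g. a database dump command

# set_owner OWNER PATH: give PATH to OWNER with group WEB_USER. Needs root and
# existing accounts; otherwise only the mode bits are changed by the callers.
set_owner() {
    if [ "$(id -u)" -eq 0 ] && id "$1" >/dev/null 2>&1 &&
       id "$WEB_USER" >/dev/null 2>&1; then
        chown -hR "$1:$WEB_USER" "$2"
    else
        echo "warning: ownership of $2 left unchanged" >&2
    fi
}

# set_modes DIRMODE FILEMODE PATH: find does not follow symlinks here.
set_modes() {
    find "$3" -type d -exec chmod "$1" {} +
    find "$3" -type f -exec chmod "$2" {} +
}

# lock_tree ROOT: code gets no write bit for anyone; only the content
# directory stays writable, and only by the web user. Run after the update.
lock_tree() {
    set_owner "$ADMIN_USER" "$1" && set_modes 550 440 "$1" || return 1
    [ -d "$1/$CONTENT_DIR" ] || return 0
    set_owner "$WEB_USER" "$1/$CONTENT_DIR" &&
        set_modes 750 640 "$1/$CONTENT_DIR"
}

# unlock_tree ROOT: run the backup hook first, then let the web user write
# the whole tree so the CMS updater and GUI configuration work.
unlock_tree() {
    if [ -n "$BACKUP_CMD" ] && ! sh -c "$BACKUP_CMD"; then
        echo "backup failed, tree stays locked" >&2
        return 1
    fi
    set_owner "$WEB_USER" "$1" && set_modes 770 660 "$1"
}

case "${1:-}" in
    lock|unlock) "${1}_tree" "${2:?usage: $0 lock|unlock SITE_ROOT}" ;;
esac
```

Run as root, `unlock` before an update and `lock` afterwards; a failing backup hook leaves the tree in its locked state.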