From: "Simon"
To: "Alastair D'Silva", "Dave", "freebsd-isp@freebsd.org"
Date: Fri, 22 Mar 2002 18:04:44 -0500
Subject: RE: Questions about Apache

Do not run your HTTPS daemon as root.

On Sat, 23 Mar 2002 09:35:54 +1100, Alastair D'Silva wrote:

>I would argue the opposite, a script that is only executable by the
>webserver, and checks the UID of the user executing it (and possibly
>encrypting it with a reversible encryption based on something unique to
>the system such as the hostname, as well as parameters specified on the
>command line) is considerably more secure than simply leaving the key
>unencrypted.
>
>Consider the case when some random buffer overflow in your webserver
>allows an intruder to execute arbitrary code on the server. It is
>(obviously) trivial for them to retrieve the unencrypted key from the
>disk, as the web server user must be able to read it anyway. If it is
>encrypted, they must not only retrieve the key, but also determine which
>executable generates the pass phrase, determine what parameters are
>required to run it and finally run it, all without reading the
>executable itself to determine its structure.
>
>--
>Alastair D'Silva B. Sc. mob: 0413 485 733
>Networking Consultant
>New Millennium Networking http://www.newmillennium.net.au
>
>> -----Original Message-----
>> From: Dave [mailto:dave@hawk-systems.com]
>> Sent: Saturday, 23 March 2002 1:27 AM
>> To: Alastair D'Silva; 'Tyler'; freebsd-isp@freebsd.org
>> Subject: RE: Questions about Apache
>>
>>
>> Pay attention to the security warnings about this. You may
>> be better off not password protecting your key and letting
>> the file permissions (root read only) take care of the
>> security of it rather than having a password sitting in a
>> file somewhere waiting to be parsed. Either choice is really
>> dependent on how you have your security model set up.
>>
>> Dave
>
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-isp" in the body of the message
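
The "root read only" permission model and the "web server user can read the key" concern discussed in this thread can both be checked mechanically. The following is an added example, not part of any message in the thread: it audits a key file's owner, mode and parent directory against a worker account's uid. The function names, parameters and the placeholder files built in `demo()` are assumptions made for illustration.

```python
import os
import stat
import tempfile


def audit_key(path, trusted_uid=0, worker_uid=None, worker_gids=()):
    """Return findings for a private key file; an empty list means it passes."""
    findings = []
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):
        findings.append("path is a symlink")
        st = os.stat(path)  # keep auditing the link target
    if not stat.S_ISREG(st.st_mode):
        return findings + ["not a regular file"]
    mode = stat.S_IMODE(st.st_mode)
    if st.st_uid != trusted_uid:
        findings.append(f"owner uid {st.st_uid}, expected {trusted_uid}")
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:04o} grants group/other access")
    if worker_uid is not None:
        # Unix picks exactly one permission class: owner, then group, then other.
        if st.st_uid == worker_uid:
            bit = stat.S_IRUSR
        elif st.st_gid in worker_gids:
            bit = stat.S_IRGRP
        else:
            bit = stat.S_IROTH
        if mode & bit:
            findings.append(f"worker uid {worker_uid} can read the key")
    # A directory writable by others (without the sticky bit) lets the key be swapped.
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    if parent.st_mode & (stat.S_IWGRP | stat.S_IWOTH) and not parent.st_mode & stat.S_ISVTX:
        findings.append("parent directory is group/other writable")
    return findings


def demo():
    """Audit two constructed placeholder files (not real keys) in a private temp dir."""
    me = os.getuid()   # stands in for root so the demo runs unprivileged
    worker = me + 1    # hypothetical uid of the unprivileged worker account
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for name, mode in (("locked.key", 0o400), ("loose.key", 0o644)):
            p = os.path.join(d, name)
            with open(p, "w") as f:
                f.write("PLACEHOLDER, not a real key\n")
            os.chmod(p, mode)
            results[name] = audit_key(p, trusted_uid=me, worker_uid=worker)
    return results
```

On a real host, call `audit_key` with the key's path, the default `trusted_uid=0`, and the uid and group ids of the account the server's worker processes run as.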