From owner-freebsd-security Mon May 13 20:53:23 2002 Delivered-To: freebsd-security@freebsd.org Received: from imation.homenetweb.com (noc-p5-3-ky-4.homenetweb.com [216.7.67.90]) by hub.freebsd.org (Postfix) with ESMTP id E0F9837B401 for ; Mon, 13 May 2002 20:53:19 -0700 (PDT) Received: from workstation (d2i-dialin-83.kl.terranova.net [216.89.230.83]) by imation.homenetweb.com (8.12.3/8.12.3) with SMTP id g4E3rGHi014029; Mon, 13 May 2002 23:53:17 -0400 (EDT) Message-ID: <001601c1fafa$dd437c40$53e659d8@workstation> From: "Richard Ward" To: "Gunnar Flygt" , References: <20020514051330.B33845@sr.se> Subject: Re: Secure installation of Apache on 4.5 Date: Mon, 13 May 2002 23:52:54 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'd start by running Apache under a pseudo user in a chroot environment. As a good rule of thumb, chroot as many daemons as you can. -- Richard Ward, GM Home Net Web, Inc. ----- Original Message ----- From: "Gunnar Flygt" To: Sent: Monday, May 13, 2002 11:13 PM Subject: Secure installation of Apache on 4.5 > What would be an secure approach to running Apache with Java-Tomcat on a > FreeBSD 4.5 (or higher) > > Should I install Apache the default port way, or? And the same for the > java parts. > > -- > __o > regards, Gunnar ---_ \<,_ > email: flygt@sr.se ---- (_)/ (_) > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message