From owner-freebsd-security Mon May 13 21: 0:52 2002 Delivered-To: freebsd-security@freebsd.org Received: from dart.sr.se (dart.sr.se [134.25.0.132]) by hub.freebsd.org (Postfix) with ESMTP id BBD5237B409 for ; Mon, 13 May 2002 21:00:45 -0700 (PDT) Received: from honken.sr.se (honken.sr.se [134.25.128.27]) by dart.sr.se (8.11.6/8.11.6) with ESMTP id g4E40eN13045; Tue, 14 May 2002 06:00:40 +0200 (CEST) (envelope-from gunnar@pluto.sr.se) Received: from pluto.sr.se (pluto.SR.SE [134.25.193.91]) by honken.sr.se (8.9.3/8.9.3) with ESMTP id GAA22035; Tue, 14 May 2002 06:00:40 +0200 (CEST) (envelope-from gunnar@pluto.sr.se) Received: (from root@localhost) by pluto.sr.se (8.11.6/8.11.1) id g4E40eT34117; Tue, 14 May 2002 06:00:40 +0200 (CEST) (envelope-from gunnar) Received: (from gunnar@localhost) by pluto.sr.se (8.11.6/8.11.1av) id g4E40bv34109; Tue, 14 May 2002 06:00:37 +0200 (CEST) (envelope-from gunnar) Date: Tue, 14 May 2002 06:00:37 +0200 From: Gunnar Flygt To: Richard Ward Cc: freebsd-security@freebsd.org Subject: Re: Secure installation of Apache on 4.5 Message-ID: <20020514060037.D33845@sr.se> Reply-To: Gunnar Flygt References: <20020514051330.B33845@sr.se> <001601c1fafa$dd437c40$53e659d8@workstation> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <001601c1fafa$dd437c40$53e659d8@workstation>; from mh@homenetweb.com on Mon, May 13, 2002 at 11:52:54PM -0400 X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, May 13, 2002 at 11:52:54PM -0400, Richard Ward wrote: > I'd start by running Apache under a pseudo user in a chroot environment. As > a good rule of thumb, chroot as many daemons as you can. Yes that seems to be a good start, but is there any reason NOT to install the binaries in the (by the ports) default directories? > > -- > Richard Ward, GM > Home Net Web, Inc. > > > ----- Original Message ----- > From: "Gunnar Flygt" > To: > Sent: Monday, May 13, 2002 11:13 PM > Subject: Secure installation of Apache on 4.5 > > > > What would be an secure approach to running Apache with Java-Tomcat on a > > FreeBSD 4.5 (or higher) > > > > Should I install Apache the default port way, or? And the same for the > > java parts. > > > > -- > > __o > > regards, Gunnar ---_ \<,_ > > email: flygt@sr.se ---- (_)/ (_) > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > -- __o regards, Gunnar ---_ \<,_ email: flygt@sr.se ---- (_)/ (_) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message