On Mon, 17 Sep 2001, Allan Liska wrote: > > Rich, > > Thanks for your comments, please see my answers in-line... > > On Mon, 17 Sep 2001, Rich Bowen wrote: > > > On Sun, 16 Sep 2001, Allan Liska wrote: > > > > > Hello, > > > > > > As I mentioned earlier this week, I would like to try to improve the > > > layout of the security docs. I'd really like feedback from people > > > on this list as to how in-depth the documents should go. As an > > > example, should we explain how to set permissions for optimal > > > security in an Apache root directory? > > > > Yes. The documentation should be the one location where folks need to > > look for information on how to run the Apache server. There are cases > > where off-site links may be appropriate, but I tend to think that the > > docs should be comprehensive. > > > > Okay...that makes sense, so then explaining to people how to chmod and > chroot is not outside the realm of this documentation? Also, are there > enough people on this list comfortable in their system security knowledge > to review any documents presented, to ensure there are no errors...or > really bad ideas :)?
oh, well, I don't think that the use of chmod and chroot needs be covered. I did not think you meant going to that extreme. > Another good point. I don't know that it is something that even needs to > be filled in, it is probably more appropriate just to put links to the > existing sections, and let readers figure things out from the information > in those documents. If this doesn't make sense, maybe I should put > together a sample document on something like Server Side Includes this > week and submit it to the list so I can provide a more clear example? Yes, submitting samples is a good place to start. I'm looking forward to that. -- Rich Bowen - [EMAIL PROTECTED] ReefKnot - http://www.reefknot.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]