-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Excuse-me sir, I reformulate: turning off suid privileges prevent users from beeing authenticated outsite admin console.
So how did you test it? Because, as I see, you can still access admin ui, ok. But what about pages on a normal website? Did you really test it? Michael Stauber wrote: |>Turning off suid privileges on /usr/lib/authenticate means apache won't be |>able to authenticate users anymore. |>So, you won't be able to access admin console. | | | That's not correct. | | I have removed the SUID bit on /usr/lib/authenticate on all my RaQs and and | still everything except Frontpage works. I don't use Frontpage, so I'm still | a happy camper. | - -- Rene Luria <[EMAIL PROTECTED]> Unix Administrator - Infomaniak Network SA PGP key DFE5C340 at keyserver.pgp.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE9jvkpJ1jvMN/lw0ARArBYAKCdakIlRIpE2KXpncANP0MhxKDMXwCfZzgU XtX7HO3FCPblnQ084+B4nJ0= =RYMG -----END PGP SIGNATURE----- _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
