Oden Eriksson wrote on Wed, Jul 31, 2002 at 11:08:30PM +0200 : > > > What I'd like to see for Mandrake is it as quick and > > easy as possible for anybody to get it to do what they > > want it to do (obviously while being very sensitive to > > security issues). > Yes..., it's a very sensible tightrope to walk, either usable and less > secure, or not, I don't know how to accomplish both, maybe someone else does?
That's pretty easy. The world's most secure preconfigured apache server: [root@fiji /var/www]# vdir -a www total 12 drwxr-xr-x 2 root root 4096 Jul 31 19:36 . drwx------ 23 root root 4096 Jul 31 19:36 .. -rw-r--r-- 1 root root 63 Jul 31 19:36 index.html [root@fiji /var/www]# cat www/index.html <META HTTP-EQUIV="Refresh" CONTENT="0; URL=http://google.com";> [root@fiji /var/www]# vdir cgi-bin total 0 Useful? No. Secure? Yes. There is no way to make something featureful and yet secure out of the box if it accepts untrusted input. Don't quote me on that though, I'm not an expert. Blue skies... Todd -- Todd Lyons -- MandrakeSoft, Inc. http://www.mandrakesoft.com/ UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things. -- Doug Gwyn Cooker Version mandrake-release-9.0-0.2mdk Kernel 2.4.18-21mdk
msg69155/pgp00000.pgp
Description: PGP signature
