On Mon, 2 Sep 2002 11:08:38 +0300 "Kostadin Karaivanov" <[EMAIL PROTECTED]> wrote:
> BEZ PAROLA GLUPOSTI !!!!!!!!!!!!!!!!! > > w /etc/apache ili tam kadeto ti e confa slagash > SSLPassPhraseDialog exec:/sbin/mypass > > prawish si /sbin/mypass w coito ima > echo parolata_na_setifikata > > i si w biznesa :-))))) > ops i da ne zabrawish da go chownesh root.root i da go naprawish executable I tova e siguren variant? Moze bi, no pass-a ti ostava v javen vid na mashinata. Owner e root, i kakvo? i v dvata sluchaja za da se komprometira certificata ti trjabva access do nego (files - cert i private key). Naistina tozi variant izglezda po-krasiv, no te ostavja s leko falshivoto spokoistvie, che poneze certificate e s parola e sigurno reshenie. I v dvata sluchaja e nuzen private key na certificata za da moze da bude izpolzvan. Ako njama parola, owner na private key-a e pak root - znachi pak trjabva da se dokopame do file sobstvenost na root. Misulta mi e, che za po-paranoichnia admin i dvata varianta izglezdat ednakvo riskovi. Take care Boris Jordanov (borj) <[EMAIL PROTECTED]> ICQ 10751645 PGP-key-fingerprint:------------------------------ CB23 8B52 5FBC F36A 1B61 F1ED 2831 E52D AAFF 7B08 -------------------------------------------------- Public-key:--------------------------------------- http://borj.freeshell.org/borj.asc -------------------------------------------------- To err is human... to really foul up requires the root password.
msg12203/pgp00000.pgp
Description: PGP signature
