misiu wrote: > > Hello all, > > I'm new to OpenBSD, I installed it a few times but than did not know > what to do realy. Right now I'm little more experienced with Linux and I > thought give it a nother try. > Now I'm runnin an Openbsd 3.9 Box. > Default setup. I try to run a Webmailbox and later Openvpn. > It did not work so I searched long for an answer. I started httpd -u and > now Openwebmail is running. I read allso that it is insecure, how can I > run httpd chrooted and Openwebmail? Did not find any (for me > understandable) answer. > Openwebmail is not good explained too. Has anyone installed it ? (I > guess for shure) would that one please contact me offlist? > I don't whant step by step help just to shed a little light in.... > > Hope that mail was written in a good manner, my nativ language is > german, so sorry for bad english. > > misiu
Hopefully you get better answers from people who actually know something (there are such on this list), but this may help a bit. The reason for running apache chrooted is not to secure apache, but to keep any insecurity in apache from messing with the rest of your system. The problem with a changed root is that everything you will ever need to access needs to be inside this changed root. All the libriaries, etc etc --- that's right, another copy. One advantage of OpenBSD is that they actually understand security. (Most that tries to pass for security ... isn't (bluntly)) fyi: good is an adjective, tries to modify nouns. doesn't like verbals. well is an adverb, modifies the messes of verb forms and adjectives. (I've seen worse English from natives ;)
