dgaudet 97/12/13 16:49:20
Modified: htdocs/manual install.html htdocs/manual/misc security_tips.html Removed: htdocs/manual install_1_1.html Log: We talk about a "proper installation" occasionally... and assume folks know how to set the perms on the serverroot. But I don't think we document it anywhere. Nowhere that's easily found direct from the "how to install" page. Document it better, link to it. Remove the install_1_1 docs. Update a 1.2 reference to 1.3. Revision Changes Path 1.18 +4 -5 apachen/htdocs/manual/install.html Index: install.html =================================================================== RCS file: /export/home/cvs/apachen/htdocs/manual/install.html,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- install.html 1997/11/25 09:47:47 1.17 +++ install.html 1997/12/14 00:49:18 1.18 @@ -14,10 +14,7 @@ > <!--#include virtual="header.html" --> -<H1 ALIGN="CENTER">Compiling and Installing Apache 1.2</H1> - -<P>If you wish to download and install an earlier version of Apache please -read <A HREF="install_1_1.html">Compiling and Installing Apache 1.1</A>.</P> +<H1 ALIGN="CENTER">Compiling and Installing Apache 1.3</H1> UnixWare users will want to consult <A HREF="unixware.html">build notes</A> for various UnixWare versions before compiling. @@ -128,7 +125,9 @@ designed to be configured and run from the same set of directories where it is compiled. If you want to run it from somewhere else, make a directory and copy the <CODE>conf</CODE>, <CODE>logs</CODE> and -<CODE>icons</CODE> directories into it. <P> +<CODE>icons</CODE> directories into it. In either case you should +read the <a href="misc/security_tips.html#serverroot">security tips</a> +describing how to set the permissions on the server root directory.<P> The next step is to edit the configuration files for the server. This consists of setting up various <B>directives</B> in up to three 1.11 +42 -10 apachen/htdocs/manual/misc/security_tips.html Index: security_tips.html =================================================================== RCS file: /export/home/cvs/apachen/htdocs/manual/misc/security_tips.html,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- security_tips.html 1997/07/06 17:19:07 1.10 +++ security_tips.html 1997/12/14 00:49:19 1.11 @@ -22,16 +22,48 @@ <HR> -<H2>Permissions on Log File Directories</H2> -<P>When Apache starts, it opens the log files as the user who started the -server before switching to the user defined in the -<a href="../mod/core.html#user"><b>User</b></a> directive. Anyone who -has write permission for the directory where any log files are -being written to can append pseudo-arbitrary data to any file on the -system which is writable by the user who starts Apache. Since the -server is normally started by root, you should <EM>NOT</EM> give anyone -write permission to the directory where logs are stored unless you -want them to have root access. +<a name="serverroot"> +<H2>Permissions on ServerRoot Directories</H2></a> +<P>In typical operation, Apache is started by the root +user, and it switches to the user defined by the <a +href="../mod/core.html#user"><b>User</b></a> directive to serve hits. +As is the case with any command that root executes, you must take care +that it is protected from modification by non-root users. Not only +must the files themselves be writeable only by root, but so must the +directories, and parents of all directories. For example, if you +choose to place ServerRoot in <code>/usr/local/apache</code> then it is +suggested that you create that directory as root, with commands +like these: + +<blockquote><pre> + mkdir /usr/local/apache + cd /usr/local/apache + mkdir bin conf logs + chown 0 . bin conf logs + chgrp 0 . bin conf logs + chmod 755 . bin conf logs +</pre></blockquote> + +It is assumed that /, /usr, and /usr/local are only modifiable by root. +When you install the httpd executable, you should ensure that it is +similarly protected: + +<blockquote><pre> + cp httpd /usr/local/apache/bin + chown 0 /usr/local/apache/bin/httpd + chgrp 0 /usr/local/apache/bin/httpd + chmod 511 /usr/local/apache/bin/httpd +</pre></blockquote> + +<p>You can create an htdocs subdirectory which is modifiable by other +users -- since root never executes any files out of there, and shouldn't +be creating files in there. + +<p>If you allow non-root users to modify any files that root either +executes or writes on then you open your system to root compromises. +For example, someone could replace the httpd binary so that the next +time you start it, it will execute some arbitrary code. Or someone +could overwrite the logs with arbitrary data. <P> <HR> <H2>Server Side Includes</H2>