Voytek wrote:
following the awstats exploits, I'm setting wget/curl/lwp* to 0700
is there any reason I shouldn't set system binaries some/all to 0700 ?
like chmod/chown ?
I have no idea what awstats is asides from being some web app. But are
you running SELinux? The httpd policy should stop the web server from
accessing anything other than files with the web content context.
Mike
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
