dgaudet 97/12/13 16:49:20
Modified: htdocs/manual install.html
htdocs/manual/misc security_tips.html
Removed: htdocs/manual install_1_1.html
Log:
We talk about a "proper installation" occasionally... and assume folks know
how to set the perms on the serverroot. But I don't think we document it
anywhere. Nowhere that's easily found direct from the "how to install"
page. Document it better, link to it. Remove the install_1_1 docs.
Update a 1.2 reference to 1.3.
Revision Changes Path
1.18 +4 -5 apachen/htdocs/manual/install.html
Index: install.html
===================================================================
RCS file: /export/home/cvs/apachen/htdocs/manual/install.html,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- install.html 1997/11/25 09:47:47 1.17
+++ install.html 1997/12/14 00:49:18 1.18
@@ -14,10 +14,7 @@
>
<!--#include virtual="header.html" -->
-<H1 ALIGN="CENTER">Compiling and Installing Apache 1.2</H1>
-
-<P>If you wish to download and install an earlier version of Apache please
-read <A HREF="install_1_1.html">Compiling and Installing Apache 1.1</A>.</P>
+<H1 ALIGN="CENTER">Compiling and Installing Apache 1.3</H1>
UnixWare users will want to consult <A HREF="unixware.html">build notes</A>
for various UnixWare versions before compiling.
@@ -128,7 +125,9 @@
designed to be configured and run from the same set of directories
where it is compiled. If you want to run it from somewhere else, make
a directory and copy the <CODE>conf</CODE>, <CODE>logs</CODE> and
-<CODE>icons</CODE> directories into it. <P>
+<CODE>icons</CODE> directories into it. In either case you should
+read the <a href="misc/security_tips.html#serverroot">security tips</a>
+describing how to set the permissions on the server root directory.<P>
The next step is to edit the configuration files for the server. This
consists of setting up various <B>directives</B> in up to three
1.11 +42 -10 apachen/htdocs/manual/misc/security_tips.html
Index: security_tips.html
===================================================================
RCS file: /export/home/cvs/apachen/htdocs/manual/misc/security_tips.html,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- security_tips.html 1997/07/06 17:19:07 1.10
+++ security_tips.html 1997/12/14 00:49:19 1.11
@@ -22,16 +22,48 @@
<HR>
-<H2>Permissions on Log File Directories</H2>
-<P>When Apache starts, it opens the log files as the user who started the
-server before switching to the user defined in the
-<a href="../mod/core.html#user"><b>User</b></a> directive. Anyone who
-has write permission for the directory where any log files are
-being written to can append pseudo-arbitrary data to any file on the
-system which is writable by the user who starts Apache. Since the
-server is normally started by root, you should <EM>NOT</EM> give anyone
-write permission to the directory where logs are stored unless you
-want them to have root access.
+<a name="serverroot">
+<H2>Permissions on ServerRoot Directories</H2></a>
+<P>In typical operation, Apache is started by the root
+user, and it switches to the user defined by the <a
+href="../mod/core.html#user"><b>User</b></a> directive to serve hits.
+As is the case with any command that root executes, you must take care
+that it is protected from modification by non-root users. Not only
+must the files themselves be writeable only by root, but so must the
+directories, and parents of all directories. For example, if you
+choose to place ServerRoot in <code>/usr/local/apache</code> then it is
+suggested that you create that directory as root, with commands
+like these:
+
+<blockquote><pre>
+ mkdir /usr/local/apache
+ cd /usr/local/apache
+ mkdir bin conf logs
+ chown 0 . bin conf logs
+ chgrp 0 . bin conf logs
+ chmod 755 . bin conf logs
+</pre></blockquote>
+
+It is assumed that /, /usr, and /usr/local are only modifiable by root.
+When you install the httpd executable, you should ensure that it is
+similarly protected:
+
+<blockquote><pre>
+ cp httpd /usr/local/apache/bin
+ chown 0 /usr/local/apache/bin/httpd
+ chgrp 0 /usr/local/apache/bin/httpd
+ chmod 511 /usr/local/apache/bin/httpd
+</pre></blockquote>
+
+<p>You can create an htdocs subdirectory which is modifiable by other
+users -- since root never executes any files out of there, and shouldn't
+be creating files in there.
+
+<p>If you allow non-root users to modify any files that root either
+executes or writes on then you open your system to root compromises.
+For example, someone could replace the httpd binary so that the next
+time you start it, it will execute some arbitrary code. Or someone
+could overwrite the logs with arbitrary data.
<P>
<HR>
<H2>Server Side Includes</H2>
