J. Craig Woods grabbed a keyboard and wrote:
>
> David Guntner wrote:
> >
> > Actually, Brandon hit it on the head. <slaps forehead> I should have
> > noticed that the directory permissions would have kept the Apache user from
> > getting to anything there....
> >
> > Thanks, though!
>
> Yes, he did, and I should have seen the absence of said bits too.
> However, out of curiosity, did you add options, such as "Allow from" or
> "Deny from" to the directory options in your conf file? And, if not, how
> will you control which client machine or user will run these scrips?
> Assigning directory perms will only solve part of this control issue for
> your cgi directory.
I haven't done so yet, but the interface requires a login when you connect
to the server. Without that, you can't access the system, either. I plan
to put the deny/allow stuff you mentioned in, provided I decide to keep
using PureSecure (it's proving an... interesting challenge to get it
running completely - I can't get the version of snort they provide to
connect to the database). I may just end up getting rid of the whole thing
and put Mandrake's version of snort back in place, and see if I can't find
a good monitor/report that will work with that.
--Dave
--
David Guntner GEnie: Just say NO!
http://www.akaMail.com/pgpkey/davidg or key server
for PGP Public key
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
