Hi all, both mandrake and Suse have hardening scripts,
suse has a file called: /etc/permissions.secure and others to allow you to set permissions or exceptions for stuff loaded after the install.. Does mandrake have anything like that? for example, I get thousands of "world writable files" messages in the emails the server sends me each night.. most of them are tmp files.. that I didn't put there, but gnome and kde did.. I'd like to know if there is a problem there or not, and if not, can I get rid of the messages relating to those files.. Also, I thought i'd be smart and make ownership for all files in /var/www/html and /var/www/cgi-bin owned by apache.apache that works great, but all of those files are added to the world writable list.. is it a problem?? should I own the files as another user? or create another user with a /bin/false login? whats the most secure method of ownership for html and cgi files ??? if its not secure to be owned by apache, I'll change it, and I want to stop the error messages as well. any thoughts..?? rgds Frank
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com