RE: iptables access

2003-03-29 Thread Michael Mansour
to it. Michael. --- christopher cuse <[EMAIL PROTECTED]> wrote: > hi larry, > > it is hard to imagine for what reason you would want > to have apache be able > to su to root -- this could/would spell disaster in > a production environment > and should be discouraged. iptable

RE: iptables access

2003-03-28 Thread christopher cuse
hi larry, my last response was unclear -- yawn -- getting ready for bed here. you would want to run an instance of ssl httpd as root and have it listen on an alternative port for your specific need -- iptables security in addition -- apache security as well. multi-tier cheers cc -- redhat-

RE: iptables access

2003-03-28 Thread christopher cuse
see below > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Larry Brown > Sent: Friday, March 28, 2003 7:40 PM > To: [EMAIL PROTECTED] > Subject: RE: iptables access > > > This is kind of my point. Webmin runs as root or a

Re: iptables access

2003-03-28 Thread Jeff Kinz
On Fri, Mar 28, 2003 at 01:40:12PM -0500, Larry Brown wrote: > This is kind of my point. Webmin runs as root or at least executes commands > as root. With Webmin you have access granted or denied by use of a login > mechanism. I can use a login mechanism on apache to do the same granting or > de

RE: iptables access

2003-03-28 Thread Larry Brown
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Jeff Kinz Sent: Friday, March 28, 2003 9:02 AM To: [EMAIL PROTECTED] Subject: Re: iptables access Hey Chris - Please don't "Top Post" > -Original Message- > Is anyone familiar with

Re: iptables access

2003-03-28 Thread Jeff Kinz
ould want to have apache be able > to su to root -- this could/would spell disaster in a production environment > and should be discouraged. iptables access from a non-root user as well is > exceptionally dangerous -- one command could render the network inoperable. > > apache has very r

RE: iptables access

2003-03-28 Thread christopher cuse
hi larry, it is hard to imagine for what reason you would want to have apache be able to su to root -- this could/would spell disaster in a production environment and should be discouraged. iptables access from a non-root user as well is exceptionally dangerous -- one command could render the

iptables access

2003-03-27 Thread Larry Brown
Is anyone familiar with the possibility of running iptables commands as a non-root user? I am trying to execute commands from a web page without running apache as root or going through reconfiguration of apache to allow it to su root. It seems it would be easier to be able to allow a user access