Joseph S D Yao wrote:
On Thu, Aug 28, 2008 at 10:31:42AM -0300, Tan, Liao wrote:
Ok, ic I can simply remove the passphrase, and provided the new key be
readabale by root only, I should not have any security problems... is it simply
remove it? or any other settings, configuratios, re-installation?
It should not be owned by root, because you should not be running your
server as root. You should be running your servers as some other user,
say, "apache", and so the uncloaked cert files should be stored as
read-only by "apache".
Yes, and the server should be *started* as root, User/Group modified to
a limited access account (e.g. apache, or nobody), all system resources
initially created and owned by root (e.g. logs/, certs etc), and the
appropriate access control granted to the apache/nobody user (no write
access to logs/, no read access to keys).
There are logs that are dynamically created, give your apache user write
access to a logs/safe/ directory to put those into. But the logs/ dir
should never be modifiable by the apache user. Similarly the certs dir
should never be readable by the apache user.
If you start your server (e.g. launch it) from the 'apache' user account,
it's impossible to keep the running server from manipulating the logs/
directory etc, or accessing keys files, etc.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
