[rescue] Oh no! This poor Origin server.....
Joshua Boyd
jdboyd at jdboyd.net
Fri Apr 2 12:45:59 CST 2004
On Fri, Apr 02, 2004 at 01:23:05PM -0500, Linc Fessenden wrote:
> Then you don't have to worry a bit about the local root exploits that pop
> up. Good news! The only things you need concern yourself with is the
> ones that affect the web based services you offer, probably php, perl,
> openssl, apache and ssh.
Pretty much. Perl isn't exposed to the net, I hope (I'm not at all
certain of that), but PHP, apache, and ssh are. I'm not currently using
openssl (I think). I want to use OpenSSL, but I haven't gotten around
to figuring out how. In the mean time, I don't use webmail myself, and
I'm disallowing ssh logins to the webmail users.
I'd love to be able to move webmail to a more secure setup and ditch PHP
and apache altogether.
More information about the rescue
mailing list