ID | Project | Category | View Status | Date Submitted | Last Update
0000054 | ClearOS | app-web-server - Web Server | public | 2010-03-25 15:35 | 2019-03-11 05:49
Reporter | user2
Assigned To |
Priority | normal | Severity | feature | Reproducibility | N/A
Status | closed | Resolution | suspended
Platform | OS | OS Version |
Product Version |
Target Version | Fixed in Version |
Summary | 0000054: Add fine file/folder security options to support web-based applications
Description |

When installing web-based applications (Joomla, Gallery, etc), the web server (apache) often needs the ability to write to certain files and directories (cache files, upload directories, etc). It is a good security practice to grant the absolute minimum file/directory write privileges.

Example bad practice 0000001 - setting the world writeable bits
---------------------------------------------------------------------
chmod -R o+rw /var/www/html

Example bad practice 0000002 - giving apache world writeable access
------------------------------------------------------------------------------
chown -R webmaster.apache /var/www/html
chmod -R g+rw /var/www/html

A proper implementation should provide a relatively easy way for an administrator to fine-tune the security policies. In other words, the administrator should give an explicit list of files and directories that need apache write privileges, e.g.:

- cache
- images/upload
- tmp

For some common web applications, a built-in list might be a nice option.
Tags | No tags attached.
Attached Files |
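The explicit-list approach the description asks for, as an added shell example (not ClearOS or app-web-server code, and not written by the reporter). The function names `apply_write_policy` and `audit_writable` are hypothetical; the document root, web server group and path list are supplied by the caller, and file ownership of the tree is assumed to be set separately.

```shell
# Added example, not ClearOS code. apply_write_policy and audit_writable are
# hypothetical helper names; docroot, group and paths come from the caller.

# Usage: apply_write_policy DOCROOT WEB_GROUP REL_PATH...
# Removes group/world write from the whole tree, then grants group write
# only on the listed paths (relative to DOCROOT).
apply_write_policy() {
    docroot=$1; web_group=$2; shift 2
    [ -d "$docroot" ] || { echo "not a directory: $docroot" >&2; return 1; }

    # Validate the whole list before changing anything.
    for rel in "$@"; do
        case "/$rel/" in
            # Empty or absolute paths, and any ".." component, are refused.
            //*|*/../*) echo "rejected path: $rel" >&2; return 1 ;;
        esac
        # The listed entry itself must exist and must not be a symlink.
        if [ -L "$docroot/$rel" ] || [ ! -e "$docroot/$rel" ]; then
            echo "missing or symlink: $rel" >&2; return 1
        fi
    done

    # Baseline: nothing in the tree is group- or world-writable.
    chmod -R go-w "$docroot" || return 1

    # Exceptions: only the listed paths get web-server group write access.
    for rel in "$@"; do
        chgrp -R "$web_group" "$docroot/$rel" || return 1
        chmod -R g+rwX "$docroot/$rel" || return 1
    done
}

# Usage: audit_writable DOCROOT
# Prints every non-symlink entry that is still group- or world-writable,
# so the result can be compared against the intended list.
audit_writable() {
    find "$1" \( -perm -g+w -o -perm -o+w \) ! -type l -print | LC_ALL=C sort
}
```

For the list in the description this would be called as `apply_write_policy /var/www/html apache cache images/upload tmp`, followed by `audit_writable /var/www/html` to confirm that nothing else is writable.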
Notes |
(0010531) NickH (developer) 2019-03-11 05:49 |
Migrated to: https://gitlab.com/clearos/clearfoundation/app-web-server/issues/4
Issue History |
Date Modified | Username | Field | Change |
2010-03-25 15:35 | user2 | New Issue | |
2010-03-25 15:45 | user2 | Status | new => confirmed |
2010-06-04 10:11 | user2 | Target Version | 6.0 => 6.1 |
2010-06-22 12:06 | user2 | Target Version | 6.1 => Future |
2015-05-25 05:10 | user2 | Target Version | Future => |
2019-03-11 05:49 | NickH | Note Added: 0010531 | |
2019-03-11 05:49 | NickH | Status | confirmed => closed |
2019-03-11 05:49 | NickH | Resolution | open => suspended |