[isf-wifidog] Paths in WiFiDog auth server
Benoit Grégoire
bock at step.polymtl.ca
Lun 30 Jan 01:15:42 EST 2006
On January 30, 2006 12:09 am, Max Horváth wrote:
> - gpg control packet
>
> Pete Flaherty wrote:
> > Max,
> > Remember some of us run Wifidog Auth in a chrooted jail
> > environment, so anything that is wifidog/ (aka public_html) needs
> > to stay below that structure or we berak things
> >
> > -Pete Flaherty
>
> Pete,
>
> I remember that. And this is the best way to run the auth server. ;)
>
> But you can configure the chrooted Apache to include those folders.
> You just have to start at / - not /wifidog.
True, but that needs explicit modification to apache configuration for every
installation of wifidog. Furthermore it's a new class of path problems to
detect and deal with. Finally, it makes running wifidog from the
subdirectory of an existing vhost really annoying (the path above
you /wifidog will actually point to another directory, so you'll have to
explicitely add it to your PHP path in the apache config file).
> I think it's important to get some folders out of "public_html" -
> it's for the survey of files and for files that just don't belong to
> the "public world" ;) ...
>
> Please prove me if I'm wrong :) ...
Well, the content of class and include files can't be listed unless you have a
really broken configuration, so I'd say the risk is pretty minimal. In any
case the only sensitive file is the config file (it will always contain the
username and password of the database).
--
Benoit Grégoire, http://benoitg.coeus.ca/
-------------- section suivante --------------
Une pièce jointe non texte a été nettoyée...
Nom: non disponible
Type: application/pgp-signature
Taille: 189 octets
Desc: non disponible
Url: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060130/069a71ba/attachment.pgp
More information about the WiFiDog
mailing list