[isf-wifidog] Paths in WiFiDog auth server

Benoit Grégoire bock at step.polymtl.ca
Lun 30 Jan 01:15:42 EST 2006

On January 30, 2006 12:09 am, Max Horváth wrote:
> - gpg control packet
> Pete Flaherty wrote:
> > Max,
> > Remember some of us run Wifidog Auth in a chrooted jail
> > environment, so anything that is wifidog/ (aka public_html) needs
> > to stay below that structure or we berak things
> >
> > -Pete Flaherty
> Pete,
> I remember that. And this is the best way to run the auth server. ;)
> But you can configure the chrooted Apache to include those folders.
> You just have to start at / - not /wifidog.

True, but that needs explicit modification to apache configuration for every 
installation of wifidog.  Furthermore it's a new class of path problems to 
detect and deal with.  Finally, it makes running wifidog from the 
subdirectory of an existing vhost really annoying (the path above 
you /wifidog will actually point to another directory, so you'll have to 
explicitely add it to your PHP path in the apache config file).

> I think it's important to get some folders out of "public_html" -
> it's for the survey of files and for files that just don't belong to
> the "public world" ;) ...
> Please prove me if I'm wrong :) ...

Well, the content of class and include files can't be listed unless you have a 
really broken configuration, so I'd say the risk is pretty minimal.   In any 
case the only sensitive file is the config file (it will always contain the 
username and password of the database).
Benoit Grégoire, http://benoitg.coeus.ca/
-------------- section suivante --------------
Une pièce jointe non texte a été nettoyée...
Nom: non disponible
Type: application/pgp-signature
Taille: 189 octets
Desc: non disponible
Url: http://listes.ilesansfil.org/pipermail/wifidog/attachments/20060130/069a71ba/attachment.pgp

More information about the WiFiDog mailing list