Gentoo Archives: gentoo-user

From: "Nelson
To: gentoo-user@l.g.o
Subject: RE: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them
Date: Fri, 23 Feb 2007 10:14:58
Message-Id: 3D60AF2712C16D42A38076E52FD6E3D25E193C@ukmcrdembx01.rd.astrazeneca.net
In Reply to: Re: [gentoo-user] OT - Some miscellanous questions about hack attacks and dealing with them by Alan McKinnon

> -----Original Message-----
> From: Alan McKinnon [mailto:alan@××××××××××××××××.za]
> Sent: 23 February 2007 07:17
> To: gentoo-user@l.g.o
> Subject: Re: [gentoo-user] OT - Some miscellanous questions about hack
> attacks and dealing with them
>
>
> The problem is that php enables every kid and his dog to put an
> interactive site up on the net. So, every kid and his dog does. All the
> while making coding mistakes that open holes. Forum software seems
> especially prone.
>
> Apache and php_mod themselves are as safe as is reasonable, at least I
> haven't seen many weaknesses reported on those two packages. To know if
> you should be taking extra security precautions, watch for security
> advisories about the php apps you have running
>

Forgive my ignorance if I'm incorrect - but I was told at one point by a friend who runs a few servers and sites that if an app won't run in PHP Safe Mode then he won't run it at all.
http://us2.php.net/features.safe-mode

I'm not a PHP expert by any means so I can't definitively say "use safe mode" but if people are looking to lock down a server it may be worth a peek.


OT: Also, my name is "David Nelson" not "Nelson David". Don't blame me - it's a work email account and they have our names Surname, Forename all over the place. :P I've just seen people refer to me as "Nelson" sometimes ... ;-)

--
djn

I do not represent anyone else in emails I send to this list.