Postfix Problems
CodeHeads
codeheads at gmail.com
Tue May 23 16:23:50 UTC 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Wed, 24 May 2006 01:38:05 +0930 Tim <ignored_mailbox at yahoo.com.au> wrote:
> On Tue, 2006-05-23 at 13:11 +0100, Paul Howarth wrote:
> > If you have /tmp on a separate partition, I'd seriously consider
> > mounting it noexec,nodev. If it's not a separate partition, I'd
> > seriously consider making one for it on an Internet-exposed web
> > server.
> > Same goes for /var.
>
> I haven't struck any problems with doing that to /tmp/, but if you have
> a chrooted BIND and a nodev mounted /var/ you strike problems with it
> not being able to use its chrooted /dev/random, at least. And a noexec
> mounted /var/ requires you to have your webserver cgi-bin programs
> stored in another location (e.g. /srv/www/cgi-bin/). Not sure how
> that'd impinge on PHP, etc.
>
> I can't think of any other gotchas to prepare for at the moment.
>
I have the cgi-bin disabled in apache. I do not use it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEczcWfw3TK8jhZrsRAl21AKDYJdZ2dqM5sLdZser77z1DV3YkJgCcDDMr
XlIKmyzpEWQy5oaFF+vj24c=
=zUiC
-----END PGP SIGNATURE-----
More information about the users
mailing list