[rescue] Oh no! This poor Origin server.....

Joshua Boyd jdboyd at jdboyd.net
Fri Apr 2 12:45:59 CST 2004

On Fri, Apr 02, 2004 at 01:23:05PM -0500, Linc Fessenden wrote:

> Then you don't have to worry a bit about the local root exploits that pop
> up.  Good news!  The only things you need concern yourself with is the
> ones that affect the web based services you offer, probably php, perl,
> openssl, apache and ssh.

Pretty much.  Perl isn't exposed to the net, I hope (I'm not at all
certain of that), but PHP, apache, and ssh are.  I'm not currently using
openssl (I think).  I want to use OpenSSL, but I haven't gotten around
to figuring out how.  In the mean time, I don't use webmail myself, and
I'm disallowing ssh logins to the webmail users.

I'd love to be able to move webmail to a more secure setup and ditch PHP
and apache altogether.

More information about the rescue mailing list