On Mon, Mar 03, 2008 at 01:23:34PM +0100, NN_il_Confusionario wrote: > On Mon, Mar 03, 2008 at 09:51:47AM +0100, Peter Teunissen wrote: > > On Mon, March 3, 2008 06:56, NN_il_Confusionario wrote: > > > perhaps a minimal and secure (or at lest much less complex and so safer > > > than the portmap/nfsd deamons) web server on the machine hawing the > > > files, plus a reverse proxy web server on the machine in the dmz (or a > > > direct port forwarding on the router/firewall). > I was NOT talking about apache in the LAN. If you already need apache in > the DMZ, then you can configure it to work also as reverse proxy. But in > the LAN I would only put a minimal/secure web server: it only serves > static files, with no ability for cgi/ssi/php/whatever, and runs as non > root user chrooted in a directory where it can read files but not write > or execute them. Debian has many such minimal web servers (and > debian-devel is discusssing in these days whether there are already too > many or conversely not sufficiently many).
Wouldn't a chrooted ftp server do the same thing? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
