On Wed, Jan 1, 2014 at 12:58 AM, Raffaele Morelli <raffaele.more...@gmail.com> wrote:
> [...]
> I just want to add a (relevant) bit.
> Apache has tons of directives to secure a website and if you really need to
> upload in a dir you can tell apache to not execute php scripts in there or
> force file type to text or prevent POST request from untrusted ip, etc
> etc.... and you're done.

It has occurred to me on several occasions that apache is essentially another shell over the underlying OS calls -- like bash is a shell for character/command-line-oriented terminal (sessions).

It has also occurred to me on several occasions that it implements its own security model, and provides an alternate path into the system resources (file system, etc.) that sometimes circumvents the native security model.

And I note that I prefer the native Unix basic security model not to be circumvented.

I have other thoughts on the subject, but my wife says we have to go do the family new-year's stuff. Be interested in comments.

--
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart.