diff options
| author | Henning Brauer <henning@cvs.openbsd.org> | 2002-12-15 13:32:43 +0000 |
|---|---|---|
| committer | Henning Brauer <henning@cvs.openbsd.org> | 2002-12-15 13:32:43 +0000 |
| commit | 291a1676ac5b8d9f5e8a9507ff70e93b26eb0854 (patch) | |
| tree | 294a97e3f5ca2e46fad25e6b6c96def018b608c2 /usr.sbin/httpd | |
| parent | fbf8075c69ba748e75ffcd170d91e4f875792e85 (diff) | |
mroe speling; torh
Diffstat (limited to 'usr.sbin/httpd')
| -rw-r--r-- | usr.sbin/httpd/htdocs/manual/misc/security_tips.html | 6 | ||||
| -rw-r--r-- | usr.sbin/httpd/httpd.8 | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/usr.sbin/httpd/htdocs/manual/misc/security_tips.html b/usr.sbin/httpd/htdocs/manual/misc/security_tips.html index 6c346ca2048..3387a66dc00 100644 --- a/usr.sbin/httpd/htdocs/manual/misc/security_tips.html +++ b/usr.sbin/httpd/htdocs/manual/misc/security_tips.html @@ -54,7 +54,7 @@ directive to serve hits. As is the case with any command that root executes, you must take care that it is protected from modification by non-root users. Not only must the files - themselves be writeable only by root, but so must the + themselves be writable only by root, but so must the directories, and parents of all directories. For example, if you choose to place ServerRoot in <code>/usr/local/apache</code> then it is suggested that you @@ -91,11 +91,11 @@ either executes or writes on then you open your system to root compromises. For example, someone could replace the httpd binary so that the next time you start it, it will execute some - arbitrary code. If the logs directory is writeable (by a + arbitrary code. If the logs directory is writable (by a non-root user), someone could replace a log file with a symlink to some other system file, and then root might overwrite that file with arbitrary data. If the log files themselves are - writeable (by a non-root user), then someone may be able to + writable (by a non-root user), then someone may be able to overwrite the log itself with bogus data.</p> <hr /> diff --git a/usr.sbin/httpd/httpd.8 b/usr.sbin/httpd/httpd.8 index 491433257e1..68004f458dd 100644 --- a/usr.sbin/httpd/httpd.8 +++ b/usr.sbin/httpd/httpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: httpd.8,v 1.9 2002/11/07 21:40:15 henning Exp $ +.\" $OpenBSD: httpd.8,v 1.10 2002/12/15 13:32:41 henning Exp $ .\" Copyright (c) 1995-1997 David Robinson. All rights reserved. .\" Copyright (c) 1997-1999 The Apache Group. All rights reserved. .\" Copyright (c) 1998-1999 Bob Beck. All rights reserved. @@ -127,7 +127,7 @@ For this to work, pathnames inside the file do not need adjustment relative to .Va ServerRoot . For this option to remain secure, it is important that no files or directories -writeable by user +writable by user .Ar www or group .Ar www |