[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Directory structure
> The main one is that cgi scripts are chrooted. Not a problem if
> they are binaries, but until there's a perl compiler that's stable,
> I need to put perl under the chroot. Unideal, but makes me feel
I assume you don't have to go as far as including things as
> better that my stub partition,/var/www/, is readonly with the data
> mounted rw under /var/www/DATA/ (which contains htdocs and another
> area for data to be written that's not browsable).
Nice idea. Troublesome though if you have a busy site and need to update
executables or libraries.
> The other tweak is that you likely need /dev files and perhaps a library
> or two under /var/www/usr/lib/.
Is there a particular way to find out what /dev files I might need? I
assume a /var/www/dev/log syslog socket similar to bind, but what else.
> I've done this for 6 years and been less concerned about exploits in
> CERN's daemon and NCSA's. All I can lose is www data is easily replaced
> from the source machine. It's a Good Thing.
I'm going to do it myself, problem of course that its rather invasive, plus
requiring a lot of duplication.