[tex-live] updmap and /
Heiko Oberdiek
oberdiek at uni-freiburg.de
Tue Mar 3 11:20:26 CET 2009
On Tue, Mar 03, 2009 at 03:20:26AM +0100, Reinhard Kotucha wrote:
> On 2 March 2009 Heiko Oberdiek wrote:
>
> > But making it readable for others means that they can easily look
> > into the directory and perhaps can even read files that are meant
> > to be private.
>
> But ~/public_html usually doesn't contain anything private.
There are other files/directories in ~.
> The
> content has to be readable by unprivileged users (like Apache) and of
> course, Apache needs "exec" permissions in order to
> "cd /home/user/public_html". But whether anything else is readable by
> anybody else depends on umask. I don't think that it's dangerous to
> grant "exec" permissions to a particular directory.
Some files and directories might be guessed and accessed.
No permissions for group and other protect inexperienced users.
Robin made a good point:
| indeed. in a seriously secure setup, public files *have* to be stored
| elsewhere.
> I distinguish between being careful and being paranoid. If you want
> to make your system more secure, you have to find out first how things
> work and configure them with care. Paranoia is something completely
> different. Paranoids have problems with things which actually exist
> only in their mind.
Subtract things that are not possible, then you have the kind of
paranoia that might be useful for security. If there is a door
that can be opend, then someone/something can get in or out
regardless the size of the door.
Yours sincerely
Heiko <oberdiek at uni-freiburg.de>
More information about the tex-live
mailing list