Annotation of embedaddon/lighttpd/doc/outdated/security.txt, revision 1.1
1.1 ! misho 1: =================
! 2: Security Features
! 3: =================
! 4:
! 5: ------------
! 6: Module: core
! 7: ------------
! 8:
! 9: :Author: Jan Kneschke
! 10: :Date: $Date: 2004/08/29 09:44:53 $
! 11: :Revision: $Revision: 1.2 $
! 12:
! 13: :abstract:
! 14: lighttpd was developed with security in mind ...
! 15:
! 16: .. meta::
! 17: :keywords: lighttpd, security
! 18:
! 19: .. contents:: Table of Contents
! 20:
! 21: Description
! 22: ===========
! 23:
! 24: Limiting POST requests
! 25: ----------------------
! 26:
! 27:
! 28:
! 29: ::
! 30:
! 31: server.max-request-size = <kbyte>
! 32:
! 33: System Security
! 34: ---------------
! 35:
! 36: Running daemons as root with full privileges is a bad idea in general.
! 37: lighttpd runs best without any extra privileges and runs perfectly in chroot.
! 38:
! 39: Change Root
! 40: ```````````
! 41:
! 42: server.chroot = "..."
! 43:
! 44: Drop root privileges
! 45: ````````````````````
! 46:
! 47: server.username = "..."
! 48: server.groupname = "..."
! 49:
! 50: FastCGI
! 51: ```````
! 52:
! 53: fastcgi + chroot
! 54:
! 55: Permissions
! 56: ```````````
! 57:
! 58: ::
! 59:
! 60: $ useradd wwwrun ...
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to security.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / lighttpd / doc / outdated