Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
lighttpd-1.4.64
/
doc
/
outdated
/
security.txt

security.txt 848 B
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960 
  1. =================
    2. 

  2. Security Features
    3. 

  3. =================
    4. 

  4. 

  5. ------------
    6. 

  6. Module: core
    7. 

  7. ------------
    8. 

  8. 

  9. :Author: Jan Kneschke
    10. 

  10. :Date: $Date: 2004/08/29 09:44:53 $
    11. 

  11. :Revision: $Revision: 1.2 $
    12. 

  12. 

  13. :abstract:
    14. 

  14.   lighttpd was developed with security in mind ...
    15. 

  15. 

  16. .. meta::
    17. 

  17.   :keywords: lighttpd, security
    18. 

  18. 

  19. .. contents:: Table of Contents
    20. 

  20. 

  21. Description
    22. 

  22. ===========
    23. 

  23. 

  24. Limiting POST requests
    25. 

  25. ----------------------
    26. 

  26. 

  27. 

  28. 

  29. ::
    30. 

  30. 

  31.    server.max-request-size = <kbyte>
    32. 

  32. 

  33. System Security
    34. 

  34. ---------------
    35. 

  35. 

  36. Running daemons as root with full privileges is a bad idea in general.
    37. 

  37. lighttpd runs best without any extra privileges and runs perfectly in chroot.
    38. 

  38. 

  39. Change Root
    40. 

  40. ```````````
    41. 

  41. 

  42. server.chroot = "..."
    43. 

  43. 

  44. Drop root privileges
    45. 

  45. ````````````````````
    46. 

  46. 

  47. server.username = "..."
    48. 

  48. server.groupname = "..."
    49. 

  49. 

  50. FastCGI
    51. 

  51. ```````
    52. 

  52. 

  53. fastcgi + chroot
    54. 

  54. 

  55. Permissions
    56. 

  56. ```````````
    57. 

  57. 

  58. ::
    59. 

  59. 

  60.   $ useradd wwwrun ...
    61.