Advertisement

Installing OpenBSD

Started by April 01, 2006 03:48 PM
9 comments, last by jonahrowley 18 years, 9 months ago
Quote: Original post by crusadingknight
In my rather unenlightened experience, it's usually a good idea to keep www/ directories out of your home if possible, and just run your httpserver as a 'nobody' account in something like /home/nobody/www (unless your account will be a rather unprivileged one). Although it's mainly a security measure (ie. it can't use '..' by accident to access your home directory if somebody somehow finds a bug within your BSD system, or some such attack), it also helps, because I've found one's home directory tends to get very cluttered with your www/ in it, or, at least, mine does when I decide to do a quick fix by copying the original up into my home and fixing an error.


On OpenBSD, httpd runs unprived, in a chroot, with some serious protection from buffer overflows and such. Many of the buffer overflow protection mechanism you see implemented now in Linux or Windows were invented by OpenBSD developers, or first implemented and deployed by OpenBSD developers. Also, http docs are usually stored in /var on OpenBSD.

This topic is closed to new replies.

Advertisement