[lug] Fun with Apache

Matt Thompson thompsma at colorado.edu
Wed Nov 17 08:55:10 MST 2004

Sorry, nothing about devels v. contractors, but a simple Apache

In FC3 we have Seth's new yum, along with generate-rss.  Now, I'd like
to use this to serve an XML from my main Linux box and read it using

This box has Apache serving just squirrelmail (as an IMAP link) and
Subversion.  So, everything I've ever done with was secured via other's

Having said that, I'm hoping you can tell me what kind of holes I will
put in my box using this script in a cron job:

yum check-update
yum --rss-filename=/var/www/html/yum-rss.xml generate-rss updates
chown apache.apache /var/www/html/yum-rss.xml

Of course, this is just a rough simple script from an F95 man that will
probably kill PID 1 given a chance.  What do the BLUG gurus say on the
matter of security (or script design).
Learning just means you were wrong and they were right. - Aram
   Matt Thompson -- http://ucsub.colorado.edu/~thompsma/
   440 UCB, Boulder, CO  80309-0440
   JILA A510, 303-492-4662
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20041117/52b0f9ed/attachment.pgp>

More information about the LUG mailing list