Categories
Welcome Center
Education & Development
Discussions
Certification Preparation
Recent Posts
Groups
Free Resources
Ebooks
Free Workshops
Trending Certifications Infographic
Infosec Training
IT & Security Training
Live Boot Camps
Security Awareness Training
About Infosec Institute
Home
Certification Preparation
Other/General Certifications
Apache
NightShade03
While I'm studying tonight I also ran across some apache configurations. One thing I noticed as an option is FollowSymLinks which seems to be set on alot of current apache deployments. I know that this will allow the system to follow system links within the directory. My question is...aren't there security concerns with this? Assume someone drops a files in this directory that system links to somewhere it shouldn't, will the permissions of the filesystem stop this or is that a "it depends" scenario?
Find more posts tagged with
Save $250 on 2025 certification boot camps from Infosec!
Book now with code EOY2025
Button
Comments
darkerosxx
Just have to watch permissions and be sure apache(the apache user) can't read files it shouldn't be able to read. This can be accomplished in a lot of ways, but mostly through permissions and SELinux.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
INFOSEC Boot Camps
$250
OFF
Use code
EOY2025
to receive $250 off your 2025 certification boot camp!
BROWSE BOOT CAMPS
