Gossamer Forum
(Advanced Search)
for
Home : Products : Gossamer Mail : Discussion :

Re: [anup123] Isn't this a Security Threat?

May 5, 2003, 12:01 PM
Alex
Administrator (9387 posts)
May 5, 2003, 12:01 PM
Views: 6500
Shortcut
Quote Reply
Re: [anup123] Isn't this a Security Threat? In reply to
Hi,

I haven't read through this entire thread, but I'll respond to the security questions.

If you are on a shared server, it's up to your webhosting provider to provide you with adequate security from other users. We can not guarantee a Gossamer Mail install will be safe from other users on a shared server, it's simply impossible given the setup of a lot of hosts. It's up to the webhost to provide you with a safe environment for your site.

Webhosting companies can set this up in a number of ways, however sadly, it's been our experience that the majority of them do not do this. They can use technologies like virtual private servers, chroot enviornments, or just plain sensible permissions, to ensure you have a safe environemnt. A stock RedHat will _not_ be safe enviornment for multiple untrusted users.

With GossamerHost, we set things up so that it is not possible for a user to view any files within the other users home directory, so permissions on files within your home directory are not as important.

The files need to default to 666 so that Gossamer Mail will work with 90% of the ISP's out there that don't run under suexec.

Hope this helps,

Alex
--
Gossamer Threads Inc.
Subject Author Views Date
Thread; hot thread Isn't this a Security Threat? anup123 11079 May 3, 2003, 9:37 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 10818 May 4, 2003, 8:21 AM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		anup123 10840 May 4, 2003, 10:02 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 10785 May 4, 2003, 10:11 AM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		anup123 10792 May 4, 2003, 10:48 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10800 May 4, 2003, 10:52 AM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 10813 May 4, 2003, 10:59 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10788 May 4, 2003, 11:01 AM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 10803 May 4, 2003, 11:13 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10829 May 4, 2003, 11:23 AM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		Chaz 11137 May 4, 2003, 11:31 AM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		Paul 10797 May 4, 2003, 11:58 AM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		Chaz 10765 May 4, 2003, 12:04 PM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		Paul 10831 May 4, 2003, 12:32 PM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		Chaz 10807 May 4, 2003, 12:44 PM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		Paul 6548 May 4, 2003, 1:55 PM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		Chaz 6526 May 4, 2003, 2:08 PM
Post; hot thread Re: [Chaz] Isn't this a Security Threat? 		Paul 6614 May 4, 2003, 2:30 PM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 10750 May 4, 2003, 11:44 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10794 May 4, 2003, 11:57 AM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 10795 May 4, 2003, 12:33 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10801 May 4, 2003, 12:37 PM
Post; hot thread Post deleted by anup123 		anup123 6511 May 4, 2003, 1:44 PM
Post; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 6511 May 4, 2003, 1:48 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 10773 May 4, 2003, 11:32 AM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		anup123 10751 May 4, 2003, 11:55 AM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 10772 May 4, 2003, 12:01 PM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		anup123 10766 May 4, 2003, 12:18 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10839 May 4, 2003, 12:35 PM
Thread; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 6567 May 4, 2003, 1:06 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 6519 May 4, 2003, 1:54 PM
Thread; hot thread Re: [Chaz] Isn't this a Security Threat? 		anup123 6523 May 4, 2003, 3:26 PM
Post; hot thread Re: [anup123] Isn't this a Security Threat? 		Chaz 6468 May 4, 2003, 3:36 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 6502 May 4, 2003, 4:41 PM
Post; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 6508 May 4, 2003, 5:01 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 6547 May 4, 2003, 1:56 PM
Post; hot thread Re: [Paul] Isn't this a Security Threat? 		anup123 6488 May 4, 2003, 2:21 PM
Thread; hot thread Re: [anup123] Isn't this a Security Threat? 		pugdog 6508 May 5, 2003, 4:47 AM
Thread; hot thread Re: [pugdog] Isn't this a Security Threat? 		anup123 6506 May 5, 2003, 5:30 AM
Post; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 6461 May 5, 2003, 7:01 AM
Post; hot thread Re: [anup123] Isn't this a Security Threat? 		Paul 10792 May 4, 2003, 10:55 AM
Post; hot thread Re: [anup123] Isn't this a Security Threat? 		Alex 6500 May 5, 2003, 12:01 PM