在 2006-10-28六的 17:33 +0200,Leendert Meyer写道:
Yes, but IMHO this seems only a partial solution, as it does not take care of the read-permission problem. ;-) 600 means only wwwrun or root have read-access.
But combined with root login via ssh-key would be not quite bad at all.
The webserver administrator is unfortunately no longer working here, so I got no ways to ask but in his original security policy, it is only possible to login via ssh-key (password login is disabled). Does it make sense to turn of root ssh login and to turn off password login at the same time? This is the current situation but I want to am I lowering down security level by enabling root login but keep password login disabled?
Cheers,
Leen
-- 锐业软服(国内业务) http://www.realss.cn Real SoftService http://www.realss.com 销售咨询(Sales Department): 0086 592 20 99987 (Chinese, German, English) 国际业务(International Sales): 0086 10 8460 6011 (German and English) 联系:厦门大学科技园,嘉庚二号楼6楼 邮政:厦门大学2312号信箱(邮编361005)