Re: [Jack-Devel] www.jackaudio.org defacement
Paul Davis <[hidden]> writes:
> for now, i've switched the user that the website "runs as", but made a
> different user the owner of all the files that comprise the website
> itself. in theory this should prevent web-vectored attacks from
> modifying any files. dreamhost does things slightly oddly AFAICT: i
> think the httpd server itself runs as "nobody" but any CGI scripts are
> executed as a specified user.
>
> i also changed all passwords (including database access passwords etc).
>
> we'll see how well this holds up against the pharma crackers.
http://trac.jackaudio.org/ is broken:
OperationalError: (1045, "Access denied for user 'jackdrupaldb'@'apache2-hok.addisababa.dreamhost.com' (using password: YES)")
--
Nedko Arnaudov <GnuPG KeyID: 5D1B58ED>
1325352714.6510_0.ltw:2,a <87pqf4d4x5.fsf at arnaudov dot name>