
Re: Apache log analyzer



On Mon, Aug 04, 2003 at 10:17:40AM -0700, Wade Richards wrote:
> On Mon, 04 Aug 2003 13:00:33 +0300, Sami Haahtinen writes:
> >awstats
> >  It does the best job of these three, it collects just about every bit
> >  of data that I can think of (and more) but the way it's packaged makes
> >  it unusable on a default Debian installation (you need to either
> >  compromise on security or tweak Apache configuration files)
> 
> Can you please elaborate on the problems with awstats and security?  I
> didn't see any open bug reports for awstats in the BTS.

The way awstats needs to be set up on a Debian box causes this. (There
are no known exploits, but I'm paranoid ;) As README.Debian says, you
have 2 ways of setting up awstats: _manually_ setting the script owner
to adm, or fixing up the Apache-provided logrotate script to create files
that are readable by the script. This is not something I consider
reasonable.

I like awstats, but I try to avoid manual tweaks on files that get
overwritten (/usr/*) or might get other changes (Apache logrotate
script).

Regards, Sami

-- 
			  -< Sami Haahtinen >-
      -[ Notify immediately if you do not receive this message ]-
	-< 2209 3C53 D0FB 041C F7B1  F908 A9B6 F730 B83D 761C >-


