diff options
author | barnboy%trilobyte.net <> | 2001-04-25 16:38:17 +0200 |
---|---|---|
committer | barnboy%trilobyte.net <> | 2001-04-25 16:38:17 +0200 |
commit | 5d71f7bcd2f55a2b0de4f360a9d22df6b636b598 (patch) | |
tree | b4a893bf848f362b55e34bbb6cee9e00942aa165 /docs/xml | |
parent | 2d4d7c92bfb4ce18e4413b1e66f30bd62a44e6ff (diff) | |
download | bugzilla-5d71f7bcd2f55a2b0de4f360a9d22df6b636b598.tar.gz bugzilla-5d71f7bcd2f55a2b0de4f360a9d22df6b636b598.tar.xz |
Fix for confusing language regarding protection of data/ & shadow/ directories
and localconfig file.
Diffstat (limited to 'docs/xml')
-rw-r--r-- | docs/xml/administration.xml | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/docs/xml/administration.xml b/docs/xml/administration.xml index c52cacebf..a35ba047d 100644 --- a/docs/xml/administration.xml +++ b/docs/xml/administration.xml @@ -1048,11 +1048,14 @@ operating parameters for bugzilla.</PARA> </LISTITEM> <LISTITEM> <PARA> - Ensure you have adequate access controls for $BUGZILLA_HOME/data/, $BUGZILLA_HOME/localconfig, - and $BUGZILLA_HOME/shadow directories. + Ensure you have adequate access controls for the $BUGZILLA_HOME/data/ and + $BUGZILLA_HOME/shadow/ directories, as well as the $BUGZILLA_HOME/localconfig file. The localconfig file stores your "bugs" user password, which would be terrible to have in the hands - of a criminal. Also some files under $BUGZILLA_HOME/data store sensitive information. + of a criminal. Also some files under $BUGZILLA_HOME/data/ store sensitive information, and + $BUGZILLA_HOME/shadow/ stores bug information for faster retrieval. If you fail to secure + these directories and this file, you will expose bug information to those who may not + be allowed to see it. </PARA> <PARA> On Apache, you can use .htaccess files to protect access to these directories, as outlined |