From APACHE SERVER 2.2 for Unix Security Technical Implementation Guide
Part of WA00535
The ScoreBoardfile directive sets a file path which the server will use for Inter-Process Communication (IPC) among the Apache processes. If the directive is specified, then Apache will use the configured file for the inter-process communication. Therefore if it is specified it needs to be located in a secure directory. If the ScoreBoardfile is placed in a writable directory, other accounts could create a denial of service attack and prevent the server from starting by creating a file with the same name, and or users could monitor and disrupt the communication between the processes by reading and writing to the file.
To determine the location of the file enter the following command: find / -name ScoreBoard. To view the permissions on the file enter the following command: ls -lL /path/of/ScoreBoard. If the permissions on the file are not set to 644 or less restrictive, this is a finding.
The scoreboard file is created when the server starts, and is deleted when it shuts down, set the permissions during the creation of the file.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer