When you choose the directory for your data files, we recommend that you keep some precautions in mind.
- Don't place any sensitive files in the document directory.
- Isolate your data files directory from the system files directory.
For example, /usr/www is much safer than the root
directory /. The root directory / opens
up your whole system to be served by Slinger.
If you configure Slinger to support CGI:
- Place the CGI scripts in a directory isolated from your normal
system binaries. Don't use /bin or /usr/bin as
your CGI directory.
- Avoid setting your CGI script file permissions to "set
user ID when executing" when the file is owned by a privileged
user (for example, root).
- Keep your CGI scripts and documents in separate directories.
This prevents people from accessing your scripts.
Don't expose your machine to undue risk. Make sure that:
- The permissions on all the files and directories are read-only.
- No files are owned by user ID (-2) because Slinger runs at user ID
(-2), and you don't want Slinger to own the files.
These precautions will help prevent anybody from giving your machine
a new password file or tampering with your web pages.
For more information, see the
Securing Your System
chapter in this guide.