This commit was manufactured by cvs2svn to create tag 'NET_WHOIS_RAW_0_31'.NET_WHOIS_RAW_0_31

1 files changed, 0 insertions, 25 deletions

diff --git a/rt/docs/Security b/rt/docs/Security
deleted file mode 100644
index c9787ac52..000000000
--- a/rt/docs/Security
+++ /dev/null
@@ -1,25 +0,0 @@
-RT2 runs setgid to some group (it defaults to 'rt').
-
-rt's configuration file, 'config.pm', is not world readable because it 
-contains rt's database password. If  a user gets access to this file, he
-can arbitrarily manipulate the RT database. This is bad. You don't want
-this to happen.  config.pm is mode 550. No users should be members of 
-the 'rt' group unless you want them to be able to obtain your rt password.
-
-If you're running the web interface, you'll need to make sure your webserver
-has access to config.pm.  You could do this by letting your webserver's user
-be a member of the 'rt' group. This has the disadvantage of letting 
-any mod_perl code on your web server have access to your RT password.
-
-Alternatively, you can run RT2 on its own apache instance bound to a high
-port on 127.0.0.1
-which runs as a non-priviledged user which is a member of the group 'rt'.  
-
-Configure your webserver to proxy requests to RT's 
-virtual directory to the apache instance you just set up.
-
-TODO: doc the apache configs needed to do this.
-
-The same technique can be used to run multiple RT2 instances on the same host.
-
-