Apache "icons" directory should be readable by all users?

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Apache "icons" directory should be readable by all users?

Post by hack3rcon » 2020/08/06 10:17:22

Hello,
Why can anybody read the content of the "icons" directory?

# ls -l /usr/share/httpd/icons
total 788
-rw-r--r--. 1 root root   246 Nov 20  2004 a.gif
-rw-r--r--. 1 root root   242 Nov 20  2004 alert.black.gif
-rw-r--r--. 1 root root   293 Sep 11  2007 alert.black.png
-rw-r--r--. 1 root root   247 Nov 20  2004 alert.red.gif
-rw-r--r--. 1 root root   314 Sep 11  2007 alert.red.png
-rw-r--r--. 1 root root  4234 May  4  2013 apache_pb2.gif
-rw-r--r--. 1 root root 10401 Oct  3  2012 apache_pb2.png
-rw-r--r--. 1 root root  4463 May  4  2013 apache_pb.gif
-rw-r--r--. 1 root root  9691 Oct  3  2012 apache_pb.png
-rw-r--r--. 1 root root   306 Sep 11  2007 a.png
-rw-r--r--. 1 root root   216 Nov 20  2004 back.gif
-rw-r--r--. 1 root root   308 Sep 11  2007 back.png
-rw-r--r--. 1 root root   233 Nov 20  2004 ball.gray.gif
-rw-r--r--. 1 root root   298 Sep 11  2007 ball.gray.png
-rw-r--r--. 1 root root   205 Nov 20  2004 ball.red.gif
-rw-r--r--. 1 root root   289 Sep 11  2007 ball.red.png
-rw-r--r--. 1 root root   246 Nov 20  2004 binary.gif
-rw-r--r--. 1 root root   310 Sep 11  2007 binary.png
-rw-r--r--. 1 root root   246 Nov 20  2004 binhex.gif
-rw-r--r--. 1 root root   319 Sep 11  2007 binhex.png
-rw-r--r--. 1 root root   148 Nov 20  2004 blank.gif
-rw-r--r--. 1 root root   215 Sep 11  2007 blank.png
-rw-r--r--. 1 root root   308 Nov 20  2004 bomb.gif
-rw-r--r--. 1 root root   375 Sep 11  2007 bomb.png
-rw-r--r--. 1 root root   251 Nov 20  2004 box1.gif
-rw-r--r--. 1 root root   325 Aug 28  2007 box1.png
-rw-r--r--. 1 root root   268 Nov 20  2004 box2.gif
-rw-r--r--. 1 root root   336 Aug 28  2007 box2.png
-rw-r--r--. 1 root root   247 Nov 20  2004 broken.gif
-rw-r--r--. 1 root root   320 Sep 11  2007 broken.png
-rw-r--r--. 1 root root   235 Nov 20  2004 burst.gif
-rw-r--r--. 1 root root   341 Sep 11  2007 burst.png
-rw-r--r--. 1 root root   242 Nov 20  2004 c.gif
-rw-r--r--. 1 root root   251 Nov 20  2004 comp.blue.gif
-rw-r--r--. 1 root root   330 Aug 28  2007 comp.blue.png
-rw-r--r--. 1 root root   246 Nov 20  2004 comp.gray.gif
-rw-r--r--. 1 root root   318 Sep 11  2007 comp.gray.png
-rw-r--r--. 1 root root  1038 Nov 20  2004 compressed.gif
-rw-r--r--. 1 root root  1108 Aug 28  2007 compressed.png
-rw-r--r--. 1 root root   214 Nov 20  2004 continued.gif
-rw-r--r--. 1 root root   296 Sep 11  2007 continued.png
-rw-r--r--. 1 root root   299 Sep 11  2007 c.png
-rw-r--r--. 1 root root   225 Nov 20  2004 dir.gif
-rw-r--r--. 1 root root   295 Sep 11  2007 dir.png
-rw-r--r--. 1 root root   167 Nov 20  2004 diskimg.gif
-rw-r--r--. 1 root root   215 Aug 28  2007 diskimg.png
-rw-r--r--. 1 root root   163 Nov 20  2004 down.gif
-rw-r--r--. 1 root root   256 Sep 11  2007 down.png
-rw-r--r--. 1 root root   238 Nov 20  2004 dvi.gif
-rw-r--r--. 1 root root   305 Sep 11  2007 dvi.png
-rw-r--r--. 1 root root   236 Nov 20  2004 f.gif
-rw-r--r--. 1 root root   225 Nov 20  2004 folder.gif
-rw-r--r--. 1 root root   242 Nov 20  2004 folder.open.gif
-rw-r--r--. 1 root root   332 Sep 11  2007 folder.open.png
-rw-r--r--. 1 root root   295 Sep 11  2007 folder.png
-rw-r--r--. 1 root root   243 Nov 20  2004 folder.sec.gif
-rw-r--r--. 1 root root   313 Aug 28  2007 folder.sec.png
-rw-r--r--. 1 root root   219 Nov 20  2004 forward.gif
-rw-r--r--. 1 root root   308 Sep 11  2007 forward.png
-rw-r--r--. 1 root root   296 Sep 11  2007 f.png
-rw-r--r--. 1 root root   221 Nov 20  2004 generic.gif
-rw-r--r--. 1 root root   275 Sep 11  2007 generic.png
-rw-r--r--. 1 root root   220 Nov 20  2004 generic.red.gif
-rw-r--r--. 1 root root   283 Sep 11  2007 generic.red.png
-rw-r--r--. 1 root root   249 Nov 20  2004 generic.sec.gif
-rw-r--r--. 1 root root   295 Sep 11  2007 generic.sec.png
-rw-r--r--. 1 root root   217 Nov 20  2004 hand.right.gif
-rw-r--r--. 1 root root   311 Sep 11  2007 hand.right.png
-rw-r--r--. 1 root root   223 Nov 20  2004 hand.up.gif
-rw-r--r--. 1 root root   304 Sep 11  2007 hand.up.png
-rw-r--r--. 1 root root 11977 Nov 20  2004 icon.sheet.gif
-rw-r--r--. 1 root root  9018 Aug 28  2007 icon.sheet.png
-rw-r--r--. 1 root root   274 Nov 20  2004 image1.gif
-rw-r--r--. 1 root root   325 Sep 11  2007 image1.png
-rw-r--r--. 1 root root   309 Nov 20  2004 image2.gif
-rw-r--r--. 1 root root   371 Sep 11  2007 image2.png
-rw-r--r--. 1 root root   286 Nov 20  2004 image3.gif
-rw-r--r--. 1 root root   338 Sep 11  2007 image3.png
-rw-r--r--. 1 root root   268 Nov 20  2004 index.gif
-rw-r--r--. 1 root root   332 Sep 11  2007 index.png
-rw-r--r--. 1 root root   276 Nov 20  2004 layout.gif
-rw-r--r--. 1 root root   323 Sep 11  2007 layout.png
-rw-r--r--. 1 root root   172 Nov 20  2004 left.gif
-rw-r--r--. 1 root root   257 Sep 11  2007 left.png

When I enter "http://IP/icons/" in the browser then I can see all of them.

Thank you.

BShT
Posts: 585
Joined: 2019/10/09 12:31:40

Re: Apache "icons" directory should be readable by all users?

Post by BShT » 2020/08/06 12:04:09

Remove the Indexes directive.
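
Added example, not part of the post above or of the httpd package: a small audit that lists the `<Directory>` blocks in an Apache configuration whose `Options` switch on `Indexes`, the setting the reply refers to. The sample configuration is constructed for illustration (only the icons path comes from the thread), and inheritance of `Options` from parent directories is not modelled.

```python
import re

# Constructed sample, modelled on the thread's icons directory; not taken
# from a real host. The paths other than the icons one are made up.
SAMPLE_CONF = '''
Alias /icons/ "/usr/share/httpd/icons/"
<Directory "/usr/share/httpd/icons">
    Options Indexes MultiViews FollowSymLinks
    Require all granted
</Directory>
<Directory "/var/www/html">
    Options -Indexes +FollowSymLinks
</Directory>
<Directory "/var/www/downloads">
    # Options -Indexes   (commented out, so it has no effect)
    Options All
</Directory>
'''

BLOCK = re.compile(r'<Directory\s+"?([^">]+)"?\s*>(.*?)</Directory>', re.S | re.I)
OPTIONS = re.compile(r'^\s*Options\s+(.+)$', re.M | re.I)

def apply_options(enabled, words):
    """Update the listing state for one Options line."""
    words = [w.lower() for w in words]
    plain = [w for w in words if w[0] not in '+-']
    if plain:  # words without +/- replace the whole option set
        enabled = 'indexes' in plain or 'all' in plain
    if '+indexes' in words:
        enabled = True
    if '-indexes' in words:
        enabled = False
    return enabled

def dirs_with_listing(conf_text):
    """Paths of <Directory> blocks whose own Options turn Indexes on."""
    hits = []
    for path, body in BLOCK.findall(conf_text):
        enabled = False  # assumption: nothing inherited from a parent block
        for line in OPTIONS.findall(body):
            enabled = apply_options(enabled, line.split())
        if enabled:
            hits.append(path)
    return hits

if __name__ == "__main__":
    for path in dirs_with_listing(SAMPLE_CONF):
        print("directory listing enabled:", path)
```

With `Indexes` off, a request for the directory URL itself is refused, while individual files such as the icons used by httpd's own pages are still served.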

jlehtone
Posts: 4530
Joined: 2007/12/11 08:17:33
Location: Finland

Re: Apache "icons" directory should be readable by all users?

Post by jlehtone » 2020/08/06 12:10:43

There must be some general principles about content for the Apache service and some fora of active Apache users, for CentOS is far from the only platform where Apache is used.

What platform-specific details does Apache in CentOS have? That is a good question to ask here, but I bet that permissions on icon files have nothing specific to CentOS.

For me Apache is just one of the services that I could run (but preferably never do in my systems). What can I say? "I hate HTTP"?

TrevorH
Site Admin
Posts: 33215
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Apache "icons" directory should be readable by all users?

Post by TrevorH » 2020/08/06 12:14:49

And since "icons" are used by the error messages that come out from httpd, the directory does need to be able to be read. I am not sure what you are worried about. They're icons. They're not exactly security problems.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: Apache "icons" directory should be readable by all users?

Post by hack3rcon » 2020/08/06 12:56:25

TrevorH wrote:
2020/08/06 12:14:49
And since "icons" are used by the error messages that come out from httpd, the directory does need to be able to be read. I am not sure what you are worried about. They're icons. They're not exactly security problems.

It could reveal the Apache version. The logo said "Apache 2.4".

TrevorH
Site Admin
Posts: 33215
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Apache "icons" directory should be readable by all users?

Post by TrevorH » 2020/08/06 13:03:05

It doesn't say 2.4.6 or 2.4.37 or whatever the actual installed version is and since 2.4 is the current version and has been for some time, it doesn't mean much.

hack3rcon
Posts: 757
Joined: 2014/11/24 11:04:37

Re: Apache "icons" directory should be readable by all users?

Post by hack3rcon » 2020/08/08 08:30:05

Thus, it is normal!