httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject SCO C2 security+inetd showstopper
Date Fri, 17 Nov 1995 19:40:54 GMT
As I was wandering through some code today, a terrible thought dawned upon me,
which is that SCO in high security mode has a very nasty gotcha under inetd;
you can't change user until you have worked some magic with the security
system. Depending on what Apache does with failed setuid (or whatever) this
is either a massive security hole or a showstopper.

I'll submit a patch over the weekend.

Cheers,

Ben.

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant        Fax:   +44 (181) 994 6472
and Technical Director      Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message