httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: SCO C2 security+inetd showstopper
Date Fri, 17 Nov 1995 22:50:13 GMT
> 
> Ben, I don't know much about SCO, but under SunOS, inetd runs the
> command (e.g., httpd), with a uid given in inetd.conf.  Unless that
> user is root, this is not a problem.  In fact, Apache currently
> doesn't even try to reset its uid if run in inetd mode, for this
> reason --- neither did NCSA 1.3.
> 
> So, I would only see a problem here that needs to be fixed if SCO's
> inetd *insists* on running httpd as root, and doesn't give you any
> other options.  If it doesn't, then jumping through hoops to reset the
> uid is unnecessary (and would fail anyway, on a sensibly configured
> system).

Oh, OK. That's cool then.

> 
> rst

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant        Fax:   +44 (181) 994 6472
and Technical Director      Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message