httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: SetUID once again
Date Tue, 26 Mar 1996 01:32:41 GMT
> Sorry, Randy, I see you *did* answer the suid question, but I'm still
> confused about your position.  Specifically, you say that:
> 
>   The single advantage that the scheme I have been advocating offers
>   over just setting the u+s is that the scripts don't need to be
>   readable by the world.
> 
> Setuid programs do *not* have to be "readable by the world" --- in fact,
> some security check scripts will report any publically readable suid
> program as a configuration error.  Likewise, mode 711 directories can
> be used to hide the names of config files and the like (though if the
> script is running suid, they might as well be 700 anyway).

You are correct and my argument is a lame one. *sigh*
However, it does force me to leave a setuid program laying around
that is world executable. By at least requiring it's execution
by the web server offers a layer of abstraction that might prevent
*some* mischief.


> Also, you say that
> 
>   The wrapper scheme is workable, but not ideal. It can be problematic,
>   and is definitely more work to support. (read "more technically challenged
>   user questions")
> 
> The biggest problem I'm aware of with current wrapper schemes is that
> they mess up the namespace --- you have to refer to your script as
> something like /cgi-bin/wrapper/the/real/uri/goes/here.cgi.  If the
> wrapper was found instead by means of an AddAction-like mechanism (so
> that handling of all script-like files with the extension, say, .scgi
> was automatically punted to the wrapper), how far would that go to
> addressing your concerns with the wrapper approach?
> 
> rst

Originally, I looked at addressing this issue with CGIWrapper. 
However the list of arguments it requires to be passed in the
URL to the wrapper program seemed difficult to hand off to
the wrapper through something like Alexi's mod_actions.
Rather than hacking up my own wrapper, it seemed a nice addition
to incorporate the functionality in Apache.

Of course you must all realize by now that I am the type of
guy that removes all safety devices from my power tools.... :-)

In answer to your question...yes, this would accomplish what I
have in these Apache extensions.





Mime
View raw message