httpd-dev mailing list archives

From (Robert S. Thau)
Subject Re: SetUID once again
Date Tue, 26 Mar 1996 02:04:50 GMT
  You are correct and my argument is a lame one. *sigh*
  However, it does force me to leave a setuid program lying around
  that is world executable. At least requiring its execution
  by the web server offers a layer of abstraction that might prevent
  *some* mischief.

But Randy, any CGI script is, by definition, a program that is
*world* executable (with whatever privileges you choose to give it)
not just by anybody with an account on your machine, but by literally
anybody on the planet with internet access.

  In answer to your question [re: wrappers] yes, this would accomplish what I
  have in these Apache extensions.

In that case, perhaps pursuing wrappers would be a better way to go
about this all around... it avoids the technical complications, and it
also avoids the danger that some third-party module over which we have
no control could somehow subtly screw up the uid-switching in a manner
that would leave the server open to serious compromise.

(Yes, third-party modules can open security holes anyway, but in a uid-
switching server, they can be somewhat worse than they would be otherwise).

