httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <>
Subject Re: setuid control WITHOUT running as root
Date Sun, 02 Jun 1996 18:51:12 GMT
>         * By turning off the suid bit on the wrapper?
>         * By an execution flag?
>         * Compile time option?
> By not going through the wrapper at all unless uid-switching has been
> configured *on* for this exec() (as suggested in my previous note)?
> rst

How would you suggest doing this? I don't want to allow non-suid
execution for security reasons, so defining a different MIME type
does not seem like the answer for me.

Maybe a simple check to see if User for this VHost is defined to
be different from the main server id and calling the wrapper if it is?

View raw message