httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: Authentication
Date Wed, 05 Jun 1996 18:47:25 GMT
> Robert S. Thau wrote:
> > 
> >   > This means, in particular, that you are comfortable with all non-suid
> >   > CGI scripts on your systems (if you have any) running as root, and not
> >   > as www.  I have real trouble buying into that...
> > 
> >   Sorry? I don't quite get this?
> > 
> > If the web server runs CGI scripts, and does not switch uids to do so,
> > then the scripts run under *its* uid, which you have declared to be
> > "as sacred and dangerous as root".
> 
> Ah, but there is the answer ... if running with setuid scripts, then _all_
> scripts must setuid, and none to the web user. The setuid wrapper can then
> simply check that it is running as the web user and only if so proceed.
> 
> Does this work?

Under the current version of my http_exec.c, the wrapper is only
called for a setuid request that is different from what the server
is running as. In my configuration, it is up to me what VHosts still
run as the server user ('www' in my case).

I have seen no comments on the latest spin of sucgi.c that I mailed
yesterday. I think that restricting execution to the DocumentRoot
greatly improves things.

Can *you* compromise your system with it?




Mime
View raw message