httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@ai.mit.edu (Robert S. Thau)
Subject Re: possible solution to log rotation, config reread, shutdown, etc. problem
Date Sun, 09 Jun 1996 21:59:03 GMT
  Yeah, but that is actually a problem in itself... In ALOT of cases, sites
  are perfectly willing to allow a web server to start as root, but are not
  willing to let the web admin have access to the root account.

Hmmm... the way I deal with this is with a very small suid-root program
which opens the pid file, checks that it is owned by root and writable
by no one else, and that it contains one positive integer followed by
a newline and nothing else, and sends a HUP to the process named by the
pid in question if so.  (The location of the pidfile is compiled in).

The easiest attacks on this, I suppose, are by trying to make it read
the wrong pidfile (though trying to find a file owned by root, writable
by none other, which contains only the integer of the process you'd
like to HUP is an interesting problem in itself, and then you'd have to
hack the directory structure to make it read the wrong file --- but if
you can do that, you can probably also change the pathnames used by
maintenance jobs that do things a lot more potentially useful than 
kill -HUP).

Of course, since this seems to be random screwup week, for me and
everyone else (what, is it the full moon or something?), I now expect
to hear about the five fatal flaws in this scheme...

Now trying to throw together support for PUT from Netscape Gold, because
my life just wasn't interesting *enough*, I'm...

   rst


Mime
View raw message