httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <>
Subject Re: setuid control WITHOUT running as root
Date Sun, 02 Jun 1996 22:14:09 GMT
Robert S. Thau wrote:
>   There really isn't much in this wrapper that can be misconfigured.
>   I'm for keeping it as simple as possible.
> "Everything should be made as simple as possible, but no simpler".  
> The sucgi wrapper is too simple.

Further to this point - if the only useful result of complexity is failure,
then the complexity can be condoned (note the pitfall... "only useful result").

>   There are a fair number of checks in sucgi already. 
> But we're talking about a situation in which the attacker already has
> an account on the machine (authorized user attempting to subvert another
> authorized user), and is invoking the wrapper *directly* to do so.  That
> makes any checks performed by sucgi, or anything else in the web server,
> irrelevant, since it is simply not in the picture.




> rst

Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email:
A.L. Digital Ltd,           URL:
London, England.

View raw message