httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@gonzo.ben.algroup.co.uk>
Subject Re: setuid control WITHOUT running as root
Date Sun, 02 Jun 1996 22:14:09 GMT
Robert S. Thau wrote:
> 
>   There really isn't much in this wrapper that can be misconfigured.
>   I'm for keeping it as simple as possible.
> 
> "Everything should be made as simple as possible, but no simpler".  
> The sucgi wrapper is too simple.

Further to this point - if the only useful result of complexity is failure,
then the complexity can be condoned (note the pitfall... "only useful result").

> 
>   There are a fair number of checks in sucgi already. 
> 
> But we're talking about a situation in which the attacker already has
> an account on the machine (authorized user attempting to subvert another
> authorized user), and is invoking the wrapper *directly* to do so.  That
> makes any checks performed by sucgi, or anything else in the web server,
> irrelevant, since it is simply not in the picture.

Quite.

Cheers,

Ben.

> 
> rst

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.

Mime
View raw message