httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nathan Neulinger <nn...@umr.edu>
Subject Re: setuid control WITHOUT running as root
Date Sun, 02 Jun 1996 23:56:20 GMT
At 4:39 PM 6/2/96, sameer@c2.org wrote:
> >
> > I see no problem with suCGI suitably modified with the above checks for use
> > in personal user directories... But I don't see an easy way to do for
> > virtual hosts that will both work and is safe.
>
>         I think that for virtual hosts you can have a mapping of
> vhost->uid *and* the CGIs must be owned by that UID. Shouldn't be a
> problem. Unless I misunderstand what you are saying here.

The problem is getting the wrapper to know that... I.e. the wrapper will
have to read a config file of some sort to find out what uid is mapped to
what virtual dir.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                  Univ. of Missouri - Rolla
EMail: nneul@umr.edu                  Computing Services
WWW: http://www.umr.edu/~nneul      SysAdmin: rollanet.org



Mime
View raw message