Received: by taz.hyperreal.com (8.6.12/8.6.5) id QAA12990;
 Sun, 2 Jun 1996 16:39:49 -0700
Received: from atropos.c2.org by taz.hyperreal.com (8.6.12/8.6.5) with ESMTP
 id QAA12982; Sun, 2 Jun 1996 16:39:46 -0700
From: sameer@c2.org
Received: (from sameer@localhost) by atropos.c2.org (8.7.4/CSUA) id QAA19459
 for new-httpd@hyperreal.com; Sun, 2 Jun 1996 16:39:45 -0700 (PDT)
Message-Id: <199606022339.QAA19459@atropos.c2.org>
Subject: Re: setuid control WITHOUT running as root
To: new-httpd@hyperreal.com
Date: Sun, 2 Jun 1996 16:39:44 -0700 (PDT)
In-Reply-To: <v02130501add7d230c7fc@[131.151.253.119]> from "Nathan Neulinger"
 at Jun 2, 96 06:26:47 pm
X-Mailer: ELM [version 2.4 PL24 ME8a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

> 
> I see no problem with suCGI suitably modified with the above checks for use
> in personal user directories... But I don't see an easy way to do for
> virtual hosts that will both work and is safe.

	I think that for virtual hosts you can have a mapping of
vhost->uid *and* the CGIs must be owned by that UID. Shouldn't be a
problem. Unless I misunderstand what you are saying here.

-- 
Sameer Parekh					Voice:   510-601-9777x3
Community ConneXion, Inc.			FAX:     510-601-9734
The Internet Privacy Provider			Dialin:  510-658-6376
http://www.c2.net/ (or login as "guest")		sameer@c2.net