httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r..@ai.mit.edu (Robert S. Thau)
Subject Re: Oops explained
Date Thu, 11 Jul 1996 15:31:50 GMT
  Question:  My server never runs as root.  Will it be able to create a
             PUT-able section of its own filespace (owned by the server uid)?

If the server doesn't even start up as root, then my whole strategy
for doing this particular check is impossible.  Then again, if the
PUT-handler doesn't run setuid, the check isn't particularly necessary
(because running the PUT-handler doesn't give attackers any privilege
they don't already have).

So, I could add code to the PUT-handler to disable the child-check
code if the PUT-handler itself is *not* running setuid --- is that
what you're asking for?  (It's very easy, if so).

(NB, for others, a consequence of this is that any CGI script could
walk all over the PUT-able section of the filespace... Roy presumably
deals with this by disallowing CGI except for trusted users).

rst

Mime
View raw message