httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ras...@madhaus.utcs.utoronto.ca
Subject Re: PUT handler spec?
Date Fri, 05 Jul 1996 20:30:54 GMT
>     # ...with a .htpasswd that gives a password he's chosen for "root".
>     # He can now author files in "/etc/" at will...

Well, only if the files in /etc were writable to the httpd user, which
one would presume they weren't.  I wasn't suggesting running httpd as 
root.  It may also be necessary to turn off the .htaccess feature.

> My PUT-handler uses the second approach, primarily because with less
> code running as root, it's easier to think about how it might be
> exploited and what might go wrong.  It is, as you have observed,
> somewhat cautious in doing so.  I hope I've explained why.

I understand the reasoning.  Just seems like it would be a never-ending
race between you and the bad guys.  As soon as you have a setuid-root
script, you will be drawing the bad guys in droves.  I was trying to figure
out if by limiting some of the standard features, it would be feasible
to do without a setuid-root component.

-Rasmus

Mime
View raw message