httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Douglass <miked...@texas.net>
Subject Re: suEXEC, son of suCGI.
Date Tue, 30 Jul 1996 14:52:22 GMT
On Mon, 29 Jul 1996, Randy Terbush wrote:

> > At this point, I would suggest having a flag that sets what happens at #2.
> > I'd rather be able to tell the server to run scripts in suexec mode *only*
> > or not at all; while others would want it to fall back to the default.  This
> > should not be too hard for it to do:
> > 
> > if (!secure_exec_mode) {
> >   if (secure_exec_mode_only)
> >     error out;
> >   else
> >     continue with apache norm;
> > }
> 
> How would you suggest doing this?
> 
> Commandline flag?
> Config directive?
> Special filename for the wrapper?

A Config directive would make the most sense.  And it could even be setup
as a perdir config so that you can be very strict with some directories,
and not as strict with others.  Just my thoughts.

Michael Douglass
Texas Networking, Inc.

  "To be a saint is to be an exception; to be a true man is the rule.
   Err, fail, sin if you must, but be upright.  To sin as little as
   possible is the law for men; to sin not at all is a dream for angels."

              - Victor Hugo, "Les Miserables"


Mime
View raw message