httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <>
Subject Re: WWW Form Bug Report: "security hole, webmaster has the root privilage when running perl script" on Solaris 2.x
Date Wed, 07 Aug 1996 18:40:35 GMT

Sounds to me as though you've set it up wrong. Check the user and group
directives in


>Operating system: Solaris 2.x, version: 
>Version of Apache Used: 1.1
>Extra Modules used: 
>URL exhibiting problem:
>We wrote a file manager in perl (no setuid stuff)
>And it is able to remove file belong to root 
>under the document root.
>I started the httpd server from root and run as
>webmaster. Big hole!

Rob Hartill (
The Internet Movie Database (IMDb)
           ...more movie info than you can poke a stick at.

View raw message