httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jim Jagielski <...@jaguNET.com>
Subject Re: last post on suexec tonight, I swear
Date Mon, 11 Nov 1996 23:41:40 GMT
Jason A. Dour wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Mon, 11 Nov 1996, Jim Jagielski wrote:
> > > 	Why?  The server does this.  If it cannot find the file specified
> > > by the server in the cwd, then it fails.  If there's a way to exploit this
> > > setup, let me know...but right now a chdir seems unnecessary.
> > 
> > This is an incredible convenience when running user's cgi-scripts.
> 
> 	Umm.  The server already does this as well.  If it isn't then the
> code has changed from the last time I've seen it...
> 
> 	Regardless of ~userdir or not, the server *should* chdir()
> *before* suEXECing...that's the design Randy and I had implemented.
> 

I think that httpd does do a chdir, but only to the r->filename.
I have suexec actually, if in ~user "mode" get the user's homedir,
and then do it's chdir to ~user/public_html/cgi-bin (or wherever)


-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
                  "Not the Craw... the CRAW!"

Mime
View raw message