httpd-dev mailing list archives

From Jim Jagielski <...@jaguNET.com>
Subject Re: suexec concerns
Date Sat, 04 Jan 1997 15:55:19 GMT
Ben Laurie wrote:
> 
> RST and I thrashed this one out long ago, when suexec first came up. I forget
> the details of the solution, but RST did implement it in threaded Apache. I
> even have his permission to lift it out and add it to 1.2, I just never got
> round to it.
> 
> As I remember it, a perfect solution was not possible, but a successful attack
> required the attacker to a) kill off a legitimate child and b) get a new
> process with the same process ID before Apache noticed that the original had
> died (which would only be possible after Apache had retrieved status, I
> believe, so would require a very narrow time slot).
> 

I personally think it would be a Good Idea if suExec could be made
as cgiwrap-like as possible, maybe by a compile-time selection. This
includes forcing ~/public_html/cgi-bin restrictions and the like.
I know Nathan is following this group and think a "merger" of
suexec and cgiwrap for Apache would be good (of course, a
standalone cgiwrap would still be needed for the unenlightened).

cgiwrap is really designed around user's cgi-scripts, whereas I
think that the focus for suexec has not been... At least, I don't
think that it's been used in a cgiwrap-like way, since it assumes
a "central location" for scripts.

Nathan, comments?
-- 
====================================================================
      Jim Jagielski            |       jaguNET Access Services
     jim@jaguNET.com           |       http://www.jaguNET.com/
                  "Not the Craw... the CRAW!"
