httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <r...@imdb.com>
Subject Re: doc patches for symlinked logfile warnings
Date Sun, 05 Jan 1997 18:57:49 GMT
On Sat, 4 Jan 1997, Jim Jagielski wrote:

> Is suexec really "directly" supported by Apache (ie: the group itself
> is "responsible" for it?

It's part of the source code, so I think the answer is "yes" - whether
anyone likes it or not.

Jason and Randy are supporting it throught the group so I don't see
this as a problem. A few other people have also shown an interest in
working with/on it.

I haven't followed the threads on suexec but have scanned some of the
messages. If there are major security problems with it then flashing lights
should be added to the documentation and wherever suexec feature are
enabled.

For those who haven't seen it, here's what's in the manual:

	At the same time, improperly configured, this facility can
	crash your computer, burn your house down and steal all the
	money from your retirement fund. :-) If you aren't familiar
	with managing setuid root programs and the security issues
	they present, we highly recommend that you not consider using
	this feature.


If that text is in the source too, then it's a good start. The standard
license text covers us if anyone's house does burn down.

rob

Mime
View raw message