httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason A. Dour" <...@bcc.louisville.edu>
Subject Possible suEXEC userdir fix...
Date Mon, 06 Jan 1997 21:05:04 GMT
-----BEGIN PGP SIGNED MESSAGE-----

I have another possible solution to the userdir "problem" with suEXEC.

I am of the opinion that locking userdir requests to ~/<userdir>/cgi-bin/
is unecessary and would even further break SSIs.

Instead of limiting to the single directory, how about having a USERDIR
DEFINE that would contain the web directory name for userdirs.  That was,
we can search for (HOMEDIR "/" USERDIR "/") in the current working 
directory.  Seems to me it would limit requests to a user's webspace.

I can have a patch ready sometime tonight or early tomorrow.  Would this
appease people enough so we can move forward on 1.2?

Jason
# Jason A. Dour <jad@bcc.louisville.edu>                            1101
# Programmer Analyst II; Department of Radiation Oncology; Univ. of Lou.
# Finger for URLs, PGP public key, geek code, PJ Harvey info, et cetera.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMtFpApo1JaC71RLxAQHPcAP6Axf9li1T41DZPy//0lScSvb1FBMnI99E
BkJEfjZ1CDmX6EBSEpT2xBFNUfvurn3W+qAu5vJkKnw5OXgRAqkHRymQK+pN/mu8
UtOS86oF7SvJhq4C0xgDLPuQ+vFXehB6md+5/RUaPdWK4qhbPv59JMMfaFI+cS3z
aJR5FBr4TSQ=
=lpia
-----END PGP SIGNATURE-----


Mime
View raw message