Received: by taz.hyperreal.com (8.8.3/V2.0) id JAA17905; Sat, 4 Jan 1997 09:01:39 -0800 (PST) Received: from sierra.zyzzyva.com by taz.hyperreal.com (8.8.3/V2.0) with ESMTP id JAA17896; Sat, 4 Jan 1997 09:01:30 -0800 (PST) Received: from sierra (localhost [127.0.0.1]) by sierra.zyzzyva.com (8.8.4/8.8.2) with ESMTP id LAA29290; Sat, 4 Jan 1997 11:01:07 -0600 (CST) Message-Id: <199701041701.LAA29290@sierra.zyzzyva.com> To: ben@algroup.co.uk, new-httpd@hyperreal.com Subject: Re: suexec concerns In-reply-to: ben's message of Sat, 04 Jan 1997 13:30:11 +0000. <9701041330.aa25891@gonzo.ben.algroup.co.uk> X-uri: http://www.zyzzyva.com/ Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 04 Jan 1997 11:01:07 -0600 From: Randy Terbush Sender: new-httpd-owner@apache.org Precedence: bulk Reply-To: new-httpd@hyperreal.com I have that code sitting here and _might_ take a look at what it would take to start using it. I have not had success getting a response from RST, and did not know the status of whether we could use this or not. > RST and I thrashed this one out long ago, when suexec first came up. I forget > the details of the solution, but RST did implement it in threaded Apache. I > even have his permission to lift it out and add it to 1.2, I just never got > round to it. > > As I remember it, a perfect solution was not possible, but a successful attack > required the attacker to a) kill off a legitimate child and b) get a new > process with the same process ID before Apache noticed that the original had > died (which would only be possible after Apache had retrieved status, I > believe, so would require a very narrow time slot). > > Cheers, > > Ben. > > -- > Ben Laurie Phone: +44 (181) 994 6435 Email: ben@algroup.co.uk > Freelance Consultant and Fax: +44 (181) 994 6472 > Technical Director URL: http://www.algroup.co.uk/Apache-SSL > A.L. Digital Ltd, Apache Group member (http://www.apache.org) > London, England. Apache-SSL author