httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason S. Clary" <jcl...@futurefx.com>
Subject Re: Using the PUT method with Apache
Date Tue, 25 Feb 1997 23:12:37 GMT
Guess someone best squash all the buffer overflow problems.. ;P

Is anyone worried about ftp servers being run as root?

---
Jason S. Clary <jclary@futurefx.com>
http://www.futurefx.com/~jclary/
---

----------
> From: Marc Slemko <marcs@valis.worldgate.com>
> To: new-httpd@hyperreal.com
> Subject: Re: Using the PUT method with Apache
> Date: Tuesday, February 25, 1997 8:43 AM
> 
> No good.  Problem is that when someone exploits something like a buffer
> overflow in the webserver all it takes a a trivial bit more code to get
> rid of any such restrictions and you have root.  The child process still
> needs root privs to do this; changing the euid only shuffles the problem
> around a bit. 
> 
> On Tue, 25 Feb 1997, Jason S. Clary wrote:
> 
> > Switching effective only might work, and then forking and setting real
for
> > CGI runs so the main httpd process runs as root, the children run as
> > effective
> > for whatever web they are accessing, and CGI's run real for whatever web
they
> > are running from.
> > 
> > It would take a VERY keen eye for security to implament this and a lot of
> > time and testing.
> > 
> > > Two of the projects I am thinking about when I have time are a
reasonably
> > > secure PUT handler (external setuid binary, gets user password on stdin
> > > and verifies it itself) with an idea of trying to get it into the base
> > > distribution (would need hooks in the source...) and doing a web based
> > > configuration interface; probably a seperate admin server process like
> > > most do it, let the user start it by just typing "httpd -config" and
> > > loading their web browser.
> > > 
> > > Both involve doing root-only things that have to be done securely.  Not
> > > sure I will ever get to any of these, but...
> > 

Mime
View raw message