httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject Re: Using the PUT method with Apache
Date Tue, 25 Feb 1997 16:43:24 GMT
No good.  Problem is that when someone exploits something like a buffer
overflow in the webserver all it takes a a trivial bit more code to get
rid of any such restrictions and you have root.  The child process still
needs root privs to do this; changing the euid only shuffles the problem
around a bit. 

On Tue, 25 Feb 1997, Jason S. Clary wrote:

> Switching effective only might work, and then forking and setting real for
> CGI runs so the main httpd process runs as root, the children run as
> effective
> for whatever web they are accessing, and CGI's run real for whatever web they
> are running from.
> It would take a VERY keen eye for security to implament this and a lot of
> time and testing.
> > Two of the projects I am thinking about when I have time are a reasonably
> > secure PUT handler (external setuid binary, gets user password on stdin
> > and verifies it itself) with an idea of trying to get it into the base
> > distribution (would need hooks in the source...) and doing a web based
> > configuration interface; probably a seperate admin server process like
> > most do it, let the user start it by just typing "httpd -config" and
> > loading their web browser.
> > 
> > Both involve doing root-only things that have to be done securely.  Not
> > sure I will ever get to any of these, but...

View raw message