httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sameer <>
Subject Re: Question for the development team
Date Wed, 13 Aug 1997 17:25:44 GMT
seems to me like suexec would be able to chroot. I don't know though.

> Would someone closer to the suexec scene care to followup?  I'm pretty sure
> there's not, but if not, I'd like to suggest a preferred way we'd like to
> see it done, if he's interested in developing a patch...
> 	Brian
> >Date: Wed, 13 Aug 1997 10:41:43 -0500
> >From: Ben Miller <>
> >X-Mailer: Mozilla 3.01 (Win95; I)
> >To:
> >Subject: Question for the development team
> >
> >Brian, I got your name from the Apache web site and I'm hoping that you
> >will be able to help answer a question.  I am looking to be able to run
> >CGI scripts in the most secure fasion possible.  I have read all the
> >docs on suEXEC and it seems that there is a major security advantage
> >missing from the apache CGI handling capability.  This may be an
> >intentional ommission but I have to ask.  Is there a way currenlty or in
> >development to have the suEXEC wrapper do a chroot to provide a file
> >system level security for each virtual server.  In other words if they
> >want to put a messy CGI script up and it screws up or is hacked it can
> >only ever affect the directory and files of the virtual server.
> >	Thanks in Advance,
> >		Ben Miller
> >
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> "Why not?" - TL  - -

Sameer Parekh					Voice:   510-986-8770
President					FAX:     510-986-8777

View raw message