httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Behlendorf <br...@organic.com>
Subject Question for the development team
Date Wed, 13 Aug 1997 16:51:29 GMT

Would someone closer to the suexec scene care to followup?  I'm pretty sure
there's not, but if not, I'd like to suggest a preferred way we'd like to
see it done, if he's interested in developing a patch...

	Brian

>Date: Wed, 13 Aug 1997 10:41:43 -0500
>From: Ben Miller <bgmiller@dccinc.com>
>X-Mailer: Mozilla 3.01 (Win95; I)
>To: brian@organic.com
>Subject: Question for the development team
>
>Brian, I got your name from the Apache web site and I'm hoping that you
>will be able to help answer a question.  I am looking to be able to run
>CGI scripts in the most secure fasion possible.  I have read all the
>docs on suEXEC and it seems that there is a major security advantage
>missing from the apache CGI handling capability.  This may be an
>intentional ommission but I have to ask.  Is there a way currenlty or in
>development to have the suEXEC wrapper do a chroot to provide a file
>system level security for each virtual server.  In other words if they
>want to put a messy CGI script up and it screws up or is hacked it can
>only ever affect the directory and files of the virtual server.
>	Thanks in Advance,
>		Ben Miller
>
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
"Why not?" - TL           brian@organic.com - hyperreal.org - apache.org

Mime
View raw message