httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@worldgate.com>
Subject Re: anonymous CVS access
Date Sun, 03 Aug 1997 16:42:48 GMT
On Sun, 3 Aug 1997, Randy Terbush wrote:

> 
> It should not be necessary, (or even desirable) to set the setuid 
> bit on pr-edit. You should be able to accomplish your goal by just 
> setting 'User apwww' for this virtual host and making sure that the 
> CGI is owned by that user.

Nono, gnats _normally_ likes to have things setuid to prevent people from
mucking with them directly.  It may be possible to change that, but it
would take effort making sure everything sets the umasks right to allow
group write.

> 
> > Verifying that all that worked as anticipated, and that the group id was
> > being set right, I changed the permissions on the suexec "pr-edit" program
> > to 4750.  Again, all worked as expected, so I added the other members of
> > the group "httpd" to the group "bugdb".  Hey, do any Unices out there have
> > hierarchical user grouping?  Hmm....
> 
> [deletia]
> 
> > 	Brian
> > 
> > 
> > --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> > "Why not?" - TL           brian@organic.com - hyperreal.org - apache.org
> 
> 


Mime
View raw message