httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <>
Subject idea for suexec...
Date Sat, 11 Oct 1997 03:06:31 GMT
suexec could check the process group it is in to be sure it is the same as
the currently running Apache.  It would take a minimal amount of code.

Not sure it is worth it, however, since other CGIs are still in the same
process group.  It does make it more difficult to call it successfully

Hmm.  Apache could make a seperate process group for it, then write the
gropu number to a root-writable file (which is opened at init time) and
suexec could check to be sure it is in there.  That's effort though and
I'm not sure it is the best way.  Oh, and it still leaves you open to
reusal of pid attacks.

View raw message