httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dean Gaudet <dgau...@arctic.org>
Subject Re: general/2270: Required Patches to Apache sources for FrontPage Module (fwd)
Date Tue, 26 May 1998 00:52:35 GMT


On Mon, 25 May 1998, Gregory A Lundberg wrote:

>       file for fpEXEC.  And, since we might get errors, like Frontpage's
>       version, we'd like to die off with an html document rather than
>       leaving the remote user hanging and logging 'premature end of script
>       headers'.  Since Frontpage expects these responses, and wants them
>       in a particular format, we'll need a configurable error-html script. 

This is only for the frontpage .exe files right?  i.e. the response is
expected to be text/html anyhow... I mean, suexec can be used for
arbitrary responses, so I really hope it doesn't send back text/html error
stuff... it should only send back "Status: 500" I'd say.

>    d) Oh, and make sure we were run by the anonymous web-user and nobody
>       else .. just like suEXEC.  BTW, here's a point where RtR went over-
>       board.  They have mod_frontpage openning a secured file containing
>       some random hashed values and piping it to their version of suEXEC.
>       The idea is to not even trust the web administrator to have secured
>       the machine properly: anyone can run the program so don't trust the
>       UID .. instead since we're SUID-root let's open that root-only file
>       and see if it matches what we're getting from the pipe.  Can anyone
>       say 'handle depletion'?  A good idea, just not needed if you take
>       the time to set up your server correctly.

I don't think the handle depletion bugs me too much... although it is
hard to set up the filedescriptor for it portably.

> Only one problem: this all depends upon having mod_auth, .htacess files,
> group and user (htpasswd) files.  What happens if one of these isn't
> there?  Why we let _anyone_ .. that's right .. anyone in the world .. have
> at our nice Frontpage (or whatever) CGIs.  That sucks raw eggs at MACH 9
> through a straw doesn't it?  All this work making things secure and some
> dumb user FTPs in and DELEtes his .htaccess file blowing it all away.  So
> we need one last change: we need to be ABSOLUTELY SURE _this_ URL was
> approved through mod_auth with a valid .htaccess and a valid password
> challenge and response. 

Oh wow.

It all sounds reasonable... although the suexec folks probably will
want to chime in.  OK, so I'm not a windows user, and I've never used
FrontPage.  I've always assumed it is just a glorified PUT mechanism
done microsoft's way.  How does it differ from PUT?

You see what I'd like to see is an add-on to apache which makes it
trivial for admins to set up sites so that IE or Netscape users can
easily create and edit documents/images/etc.  I'm not sure what are the
best tools to make this happen though... on my own site I just force
everyone to learn ftp, because I can't be bothered to learn all the rest
of the stuff required.

Dean


Mime
View raw message