httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manoj Kasichainula <man...@io.com>
Subject Re: listenwrap support
Date Mon, 19 Oct 1998 02:36:39 GMT
On Sun, Oct 18, 1998 at 06:59:57PM -0700, Dean Gaudet wrote:
> You mean like:
> 
> #!/usr/bin/perl
> $#ARGV == 0 || die "usage: logger filename\n";
> open(LOG, ">>$ARGV[0]") || die "$0: unable to open $ARGV[0] for writing: $!\n";
> print LOG <STDIN>;
> 
> and then setuid it to a non-root user who is also not the same as the user
> httpd runs as? 

Hmm, if this is owned by the group of the web server and mode 754, or
there's an added check for the current uid, this could work. Needs an
"undef $/" though.

Is it worth writing a C version? My tests say a perl version of cat is
2.5 times slower than cat, but I don't think it would hurt enough to
matter.

> You don't need logs written as root, you just need them written as
> something that's not the samea s httpd. 

Right, I was stuck on having root-owned logs still possible to
simulate the old behavior, but there's no reason for that.

But, this would make support for listenwrap in APACI impossible unless we
give it the power to create new users. It can always be set up
manually, though, and Configure would need that anyway.

-- 
Manoj Kasichainula - manojk at io dot com - http://www.io.com/~manojk/
"You can get more with a kind word and a 2x4 then just a kind word."
  -- Marcus, B5

Mime
View raw message