httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aidan Cully <ai...@panix.com>
Subject Re: [PATCH] "responsible party" for requests.
Date Tue, 13 Apr 1999 22:42:27 GMT
I've modified the patch I sent along with this message to run CGI
programs (using SuEXEC) as the URIOwner of the file.  This (to my mind)
effectively addresses the PR I filed about mixing SuEXEC with
mod_userdir (suexec/4069).  The modified patch is appended.

<rantish>
I'm honestly disheartened by the silence greeting my work..  This is
the last local hack we've got in Apache, and is very important for our
billing to work, and for security.  If there are objections to it, fine,
let me know, I'll try to address them, or even leave off completely..
But it's been nearly a month since I posted this, and I've heard only
silence.  That's no fun at all, and does less than fill me with
enthusiasm for giving stuff back to Apache.
</rantish>

Let me know..
--aidan

On Tue, Mar 16, 1999 at 05:27:11PM, Aidan Cully said:
> All right, I've got most of what I said I was going to do W/R/T modifying
> Apache's config file to allow for a "responsible party" for requests..
> Currently, it looks like
> 
> URIOwner serveruid
> 
> <Directory /htdocs/userdirs/>
> URIOwner fileuid
> </Directory>
> 
> and I've changed mod_log_config to allow
> LogFormat "%I:%G"
> to return the userid or the groupid on the request, respectively.  I've
> tested the logging part, and it seems to work pretty well..  Where I'm
> starting to get screwed up is in how I run CGI scripts, but I think that
> has more to do with dain-bramage in SuEXEC than in my patch.  I'll send
> a PR on that later..
-- 
Aidan Cully       "Congratulation."
Panix Staff          -- Blade of Fury
aidan@panix.com

Mime
View raw message