httpd-dev mailing list archives

From Aidan Cully <>
Subject Re: [PATCH] "responsible party" for requests.
Date Fri, 07 May 1999 20:29:21 GMT
On Thu, May 06, 1999 at 05:46:04PM, Raymond S Brand said:
> Aidan Cully wrote:
> > 
> > In an effort to make this a slightly easier discussion for people
> > to get involved in, let me explain what the SuEXEC-related changes
> > are supposed to do..
> > 
> ...
> > 
> > I'd like to know that I solved this PR in a good way..  Can
> > someone else that uses SuEXEC please look at the patch?
> > 
> I use suexec and, at a previous employer, needed something similar
> to what you seem to be wanting to do. I've looked at the patch,
> though not tried it.
> Current Apache/suexec behavior is to execute the CGI as User:Group
> from the config files or as UID:GID of the user from the passwd file.
> The patched behavior adds execution as UID:GID of the file to execute.
> The difference is the GIDs and the new behavior is a setGID script.
> This I see as a security hole.

I've thought about this argument, and I don't think I buy it..  If a
file ever gets created that's owned by the user, and in a group the
user isn't in, there's already a security hole..  The user can already
chmod g+s on the file, and then call the setgid script from another
script since SuEXEC doesn't like setid.

And, of course, if the server isn't configured with this directive,
behaviour shouldn't change.

Aidan Cully       "Specialists without spirit, sensualists without heart;
Panix Staff        this nullity imagines that it has attained a level of
                   civilization never before achieved."   -- Goethe
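
An added example, not part of the original message or of the patch under discussion: an audit an administrator could run over CGI directories to find the two conditions this thread turns on, a file whose group is one its owner does not belong to, and a file carrying setuid/setgid bits. The function names `owner_groups`, `classify` and `audit` and the labels `setid` and `foreign-group` are assumptions made for this sketch.

```python
import grp
import os
import pwd
import stat


def owner_groups(uid):
    """Return every GID the account `uid` belongs to (primary + supplementary)."""
    try:
        pw = pwd.getpwuid(uid)
    except KeyError:
        return set()  # orphaned UID: no known memberships
    gids = {pw.pw_gid}
    gids.update(g.gr_gid for g in grp.getgrall() if pw.pw_name in g.gr_mem)
    return gids


def classify(mode, uid, gid, groups_of=owner_groups):
    """Label one file from its stat fields.

    'setid'         - setuid or setgid bit is set
    'foreign-group' - file's group is not one its owner is a member of,
                      so running it as UID:GID of the file would hand the
                      owner a group they do not otherwise hold
    """
    findings = []
    if mode & (stat.S_ISUID | stat.S_ISGID):
        findings.append("setid")
    if gid not in groups_of(uid):
        findings.append("foreign-group")
    return findings


def audit(root, groups_of=owner_groups):
    """Walk `root` and return {path: findings} for regular files with findings."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks out of the tree
            if not stat.S_ISREG(st.st_mode):
                continue
            findings = classify(st.st_mode, st.st_uid, st.st_gid, groups_of)
            if findings:
                report[path] = findings
    return report
```

Passing a different `groups_of` callable lets the same check run against an account database other than the local passwd and group files.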
