httpd-dev mailing list archives

From Aidan Cully <ai...@panix.com>
Subject Re: [PATCH] "responsible party" for requests.
Date Fri, 07 May 1999 21:42:08 GMT
On Fri, May 07, 1999 at 05:16:24PM, Raymond S Brand said:
> Aidan Cully wrote:
> > The point is that the hole exists outside of apache/suexec.  He can
> > _always_ chmod g+s on the file and get group privs.
> 
> Actually, most modern systems insist that the user be a member of the
> group of the file for chmod g+s to work. So, on those systems, Apache/suexec
> will be a security hole.

Ah, looks like you're right..  If I added a directive
URIOwner FileUser
which did a getpwuid on the st_uid for the file, and returned the group
from that, would that be acceptable?  Or is that too hackish?  Maybe it
would have been better to override the 'User'/'Group' directives than
to add a new URIOwner?

--aidan
-- 
Aidan Cully       "I saw Judas carryin' the body/ Of John Wilkes Booth..
Panix Staff        Down there by the train..."
aidan@panix.com         -Johnny Cash
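
Added example, not part of the original message and not Apache or suexec code: a C sketch of the lookup proposed above, which takes `st_uid` from the file, resolves it with `getpwuid`, and uses that account's primary group rather than the file's own group. The function names, return codes and the choice to refuse anything that is not a regular file are assumptions of this example.

```c
#define _XOPEN_SOURCE 700
#include <pwd.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

enum { OWNER_OK = 0, OWNER_ERR_STAT = -1, OWNER_ERR_TYPE = -2, OWNER_ERR_NOUSER = -3 };
struct owner_id { uid_t uid; gid_t gid; };

/* Hypothetical helper: the identity a "URIOwner FileUser" lookup would hand back. */
int file_owner_identity(const char *path, struct owner_id *out)
{
    struct stat st;
    struct passwd *pw;

    if (lstat(path, &st) != 0)      /* lstat: a symlink is judged as itself, not its target */
        return OWNER_ERR_STAT;
    if (!S_ISREG(st.st_mode))       /* example policy: regular files only */
        return OWNER_ERR_TYPE;
    pw = getpwuid(st.st_uid);       /* owner must exist in the passwd database */
    if (pw == NULL)
        return OWNER_ERR_NOUSER;
    out->uid = pw->pw_uid;
    out->gid = pw->pw_gid;          /* primary group of the owner; st.st_gid is never used */
    return OWNER_OK;
}

/* Constructed check: a freshly created temp file must resolve to our own
 * passwd entry. Returns 1 when the lookup agrees, 0 otherwise. */
int temp_file_check(void)
{
    char path[] = "/tmp/uriowner-XXXXXX";
    struct owner_id id;
    struct passwd *me;
    int fd = mkstemp(path), rc;

    if (fd < 0)
        return 0;
    close(fd);
    rc = file_owner_identity(path, &id);
    unlink(path);
    me = getpwuid(geteuid());
    if (me == NULL)                 /* no passwd entry for us: lookup must refuse */
        return rc == OWNER_ERR_NOUSER;
    return rc == OWNER_OK && id.uid == geteuid() && id.gid == me->pw_gid;
}

int main(void) { return temp_file_check() ? 0 : 1; }
```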
