httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Raymond S Brand <r...@rsbx.net>
Subject Re: [PATCH] "responsible party" for requests.
Date Fri, 07 May 1999 21:56:01 GMT
Aidan Cully wrote:
> 
> On Fri, May 07, 1999 at 05:16:24PM, Raymond S Brand said:
> > Aidan Cully wrote:
> > > The point is that the hole exists outside of apache/suexec.  He can
> > > _always_ chmod g+s on the file and get group privs.
> >
> > Actually, most modern systems insist that the user be a member of the
> > group of the file for chmod g+s to work. So, on those systems, Apache/suexec
> > will be a security hole.
> 
> Ah, looks like you're right..  If I added a directive
> URIOwner FileUser
> which did a getpwuid on the st_uid for the file, and returned the group
> from that, would that be acceptable?  Or is that too hackish?  Maybe it
> would have been better to override the 'User'/'Group' directives than
> to add a new URIOwner?

The existing directive is OK (maybe it should be called ExecAsFileOwner); just
change the behavior in util_script.c so that after the call to
ap_get_uri_owner(), it does a getpw*() and uses the group from the passwd
file.

Raymond S Brand

Mime
View raw message