httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John Wojtowicz <wojto...@tcs-sec.com>
Subject RE: different users under Apache?
Date Tue, 17 Aug 1999 17:00:03 GMT
At 06:28 PM 8/16/99 +0530, you wrote:
>Yes, I agree Martin, I am marking it to new-httpd for
>further dicussion/implementation.
>
>In brief, to new-httpd:
>	Martin wants the virtual hosts to be able to run as different 
>	system users (other than the main server User), not only for 
>	script execution(with suEXEC) but ALSO for normal file access.
>

This is definitely an interesting concept, however, I don't know if it
is more secure.  Correct me if I'm wrong but the basis for security that 
currently exists in Apache is based on the fact that
the listening processes are not executing as root.

To do what you're proposing in the simplest manner would likely require 
the listening processes to be exec()'d as root.  This would probably
not be an acceptable solution. 

Or the listening processes would have to ONLY service one particular
ip/port pair.  Again, correct me if I'm wrong but, this would
probably require a big change to the code that handles making the 
children processes.

And this all ignores any thing you might want to do with listening 
threads in the future.  Which would probably make dealing with
different process UID's trickier.

All this is a bit easier to secure up, when you're working on a 
"Trusted" Unix OS, (which handles privileges differently than 
"conventional" Unix Systems).  But thats a whole other story.
I've actually ported Apache to Trusted Solaris 2.5.1, and have secured
it up quite well by modifying it to take advantage of
network labels, and the principle of least privilege.  

Owell just some thoughts on Apache security and running different
vhosts as different users.

John


--
John Wojtowicz, Secure Systems Engr.  ph:    (703) 318-7134
Trusted Computer Solutions, Inc.      fax:   (703) 318-5041
13873 Park Center Rd. Suite 225       email: jwojtowicz@tcs-sec.com
Herndon, VA  20171                    http://www.tcs-sec.com/


Mime
View raw message