httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Harris" <>
Subject RE: RedHat RPM enables suexec by default?
Date Tue, 26 Oct 1999 00:08:20 GMT

Marc Slemko wrote:
> Does anyone know if this is true?
> If so, it seems... well... somewhat questionable to me.

I don't see that in the Red Hat 6.0 Apache RPM:

# rpm -q apache
# rpm -ql apache | grep suexec

I agree that it would be questionable. I helped out the maintainer of the
apache-mod_ssl RPM by recommending that he distribute the RPM with the
setuid-bit on the suexec binary removed. This way a user would have to enable
it manually to be bitten.

 - David Harris
   Principal Engineer, DRH Internet Services

View raw message