httpd-dev mailing list archives

From Marc Slemko <ma...@znep.com>
Subject Re: [PATCH] suexec to work with relative paths
Date Wed, 14 Nov 2001 23:45:23 GMT
On Wed, 14 Nov 2001, Aaron Bannert wrote:

> Implementation Details:
> 
>  - Apache forms absolute paths for each of the above suexec pathnames,
>    even if they are presented in a relative form.
> 
>  - The logpath and suexec docroot (not the main docroot) are passed as
>    new parameters to the suexec call. (This seems OK to me, since we're
>    already "trusting" the other argv params passed to suexec.)

NO!

These things can not be passed on the command line.  That is a gaping
security hole.  suexec is designed in a very restrictive manner on purpose
with the assumption that anything passed on the command line is suspect,
and should be treated as such.  That is why there is a hardcoded 
docroot, etc.
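
The difference between the two designs discussed in this thread, as an added example that is not part of the original message and is not suexec's own code. The function names, the argv layout and the `BUILTIN_DOCROOT` value are assumptions made for illustration, and the containment check is lexical only.

```c
#include <stdio.h>
#include <string.h>

/* Constructed value standing in for a docroot fixed at compile time. */
#define BUILTIN_DOCROOT "/srv/www/docroot"

/* True if the path contains a ".." component. */
static int has_dotdot(const char *p)
{
    size_t len = strlen(p);
    return strstr(p, "/../") != NULL ||
           (len >= 3 && strcmp(p + len - 3, "/..") == 0);
}

/* Lexical containment: path is docroot itself or lies below it.
 * A real wrapper must also canonicalise the path (resolve symlinks)
 * before comparing; that step is left out of this sketch. */
static int within(const char *docroot, const char *path)
{
    size_t n = strlen(docroot);
    if (n == 0 || docroot[0] != '/' || has_dotdot(path))
        return 0;
    if (n > 1 && docroot[n - 1] == '/')
        n--;                              /* ignore one trailing slash */
    if (strncmp(path, docroot, n) != 0)
        return 0;
    return n == 1 || path[n] == '/' || path[n] == '\0';
}

/* Proposed design: docroot is argv[1], target is argv[2]. The invoker
 * supplies both sides of the comparison, so it constrains nothing. */
int allowed_argv_docroot(int argc, char **argv)
{
    return argc >= 3 && within(argv[1], argv[2]);
}

/* Restrictive design: docroot is a constant, only the target is input. */
int allowed_builtin_docroot(int argc, char **argv)
{
    return argc >= 2 && within(BUILTIN_DOCROOT, argv[1]);
}

int main(void)
{
    char *a[] = { "wrapper", "/home/other", "/home/other/run.cgi" };
    char *b[] = { "wrapper", "/home/other/run.cgi" };
    printf("argv docroot:    %d\n", allowed_argv_docroot(3, a));
    printf("builtin docroot: %d\n", allowed_builtin_docroot(2, b));
    return 0;
}
```

The same target outside the compiled-in docroot is approved when the docroot comes from argv and refused when it is a constant.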


