httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Trawick <>
Subject just how bad an idea is it to specify the path to suexec binary in httpd.conf?
Date Thu, 03 Nov 2005 16:38:45 GMT
ErrorLog /etc/some-important-database
LoadModule hidden_module /usr/local/viewcvs-0.9.3/
SuexecWrapper /www/

If random user can edit main conf file, things are pretty bad, at
least when root starts Apache.

Perhaps there are more current limitations on possible harm when
non-root starts Apache.

Any thoughts on avoiding hard-coded path to suexec?

View raw message