httpd-dev mailing list archives

From Jeff Trawick <traw...@gmail.com>
Subject just how bad an idea is it to specify the path to suexec binary in httpd.conf?
Date Thu, 03 Nov 2005 16:38:45 GMT

ErrorLog /etc/some-important-database
LoadModule hidden_module /usr/local/viewcvs-0.9.3/pipeopen.py
SuexecWrapper /www/abc.example.com/bin/suexec

If random user can edit main conf file, things are pretty bad, at
least when root starts Apache.

Perhaps there are more current limitations on possible harm when
non-root starts Apache.

Any thoughts on avoiding hard-coded path to suexec?
