httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bob Bell <bobb...@zk3.dec.com>
Subject Re: [users@httpd] suEXEC and /etc/passwd
Date Tue, 04 Feb 2003 17:14:16 GMT
On Tue, Feb 04, 2003 at 12:16:24PM -0500, Jurgen <apache@squarehosting.com> wrote:
> what is the use of it?
> Either you want to execute stuff with suexec. Then what do you think
> the operating system would say if you try to start a process as a none
> existing user.  If you don't want to execute anything then how would
> it make a difference if the user exists or not.

    I want to execute the CGI with a specific user ID that does not have
a corresponding username.  That is, suEXEC would perform a setuid() to
a UID not in /etc/passwd.  I just wrote a sort test program that
confirmed to me that you can indeed give setuid() a UID that does not
exist in /etc/passwd.

-- 
Bob Bell <bobbell@zk3.dec.com>
-------------------------------------------------------------------------
 "It [Linux] actually has been mildly frustrating that so many people
  are unwilling to pay us for service and support because the damn
  thing never breaks."
   -- Daniel D. Frye, Director, IBM Linux Technology Center

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message