httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jsl...@gmail.com>
Subject Re: [users@httpd] suexec improvement suggestion
Date Fri, 20 May 2005 14:16:25 GMT
On 5/20/05, Alexander Kolesnik <apache-list1@abisoft.biz> wrote:

> So, I ask you, people, to tell what do you think about this feature.
> Does anybody (besides me) need it? What other cons do you see?
> I hope if there would be many people needing this feature, Apache
> developers insert it into their to-do list.

This is not a very friendly answer, but I think it is the best one:

This is something you could probably impliment with a couple hours
work of hacking suexec.c.  If you don't have the knowledge to do that,
then you probably also don't have the knowledge to understand all the
security implications involved and hence shouldn't be doing it anyway.
 So that fact that it isn't already implimented provides a good filter
against people shooting themselves in the foot.

(Even if you do have the knowledge to impliment this, you still may
not have the knowledge to understand the security implications, so you
probably still shouldn't do it.)

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message