httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oscar Haeger <Oscar.Hae...@nbit.sigma.se>
Subject [users@httpd] SuExec and symlinks, again
Date Tue, 29 Nov 2005 14:30:10 GMT
Hi.

I have another question about SuExec and symlinks. Now I've found out 
that linking to executables via symlinks violates SuExecs security 
model.

However, suexec only checks for things inside docroot doesn't it? If a 
symlink is present outside of that it wouldn't violate the security 
model and would as such the cgis could be run, is this correct?

Could I symlink "public_html" to "my_own_private_html"-dir and things 
would work? What if my homedir was a link, would that work?

Any input is appreciated.

Oscar

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message