httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Grant Peel" <gp...@thenetnow.com>
Subject Re: [users@httpd] php and suexec
Date Wed, 24 Oct 2007 14:03:59 GMT
Joshua,

Interesting, maybe I have always missunderstood these (suexec) conditions (12 and 13 I think).


    Is the directory within the Apache webspace? 
  1.. If the request is for a regular portion of the server, is the requested directory within
suEXEC's document root? If the request is for a UserDir, is the requested directory within
the directory configured as suEXEC's userdir (see suEXEC's configuration options)? 

  2.. Is the directory NOT writable by anyone else? 
  We don't want to open up the directory to others; only the owner user may be able to alter
this directories contents. 

  ----- Original Message ----- 
  From: Joshua Slive 
  To: users@httpd.apache.org ; Grant Peel 
  Sent: Wednesday, October 24, 2007 9:45 AM
  Subject: Re: [users@httpd] php and suexec


  On 10/24/07, Grant Peel <gpeel@thenetnow.com> wrote:
  >
  >
  > Understood,
  >
  > BUT suexec will not allow a script to be written to outside the users home directory
... right?
  >

  I have no idea what you mean with that sentence.

  Suexec is very strict about what scripts it will LAUNCH. But once a
  script is started, it is free to do anything that is allowed to its
  user.

  Joshua.

  ---------------------------------------------------------------------
  The official User-To-User support forum of the Apache HTTP Server Project.
  See <URL:http://httpd.apache.org/userslist.html> for more info.
  To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
  " from the digest: users-digest-unsubscribe@httpd.apache.org
  For additional commands, e-mail: users-help@httpd.apache.org


------------------------------------------------------------------------------
        Total Control Panel  Login  
        To: gpeel@thenetnow.com  Message Score:  50   High (60): Pass  
        From: users-return-76615-gpeel=thenetnow.com@httpd.apache.org  My Spam Blocking Level:
 High  Medium (75): Pass  
             Low (90): Pass 
           Block messages from this sender (blacklist)    
          
        This message was delivered because the content filter score did not exceed your filter
level.  

Mime
View raw message