httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pete Houston <...@openstrike.co.uk>
Subject Re: [users@httpd] Locking Down httpd w/virtualhosts
Date Wed, 24 Oct 2012 09:03:38 GMT
On Tue, Oct 23, 2012 at 12:38:39PM +1000, Nick Edwards wrote:
> was hoping for a general cgi solution tha works the same, perhaps its
> there and my google fu is failing me today?

Something like sbox? http://stein.cshl.org/software/sbox/

> If not, could this be a feature request, it can not be that much of a
> resource issue as far as I can see since it already does this for php
> module.
> maybe  --with-suexec-docroot=/var/www  could be modified to stop upper
> level traversals?
> I am not a programmer so I have idea.

I do not see any need to have this in core apache. There is already a
DocumentRoot for non-CGI restrictions and if you want to impose similar
restrictions on your CGI environment then handling that within the CGI
by use of something like sbox seems to be the way to go - no need to
burden Apache with that.

Pete
-- 
Openstrike - improving business through open source
http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107

Mime
View raw message