httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Kew <...@apache.org>
Subject Re: [users@httpd] root perms / rewritemap prg / module system()
Date Wed, 08 Jun 2016 12:24:51 GMT
On Wed, 2016-06-08 at 08:01 -0400, Eric Covener wrote:
> On Sat, Apr 16, 2016 at 6:00 PM, Ben RUBSON <ben.rubson@gmail.com> wrote:
> > Then my question is, could it be possible ?
> 
> You would need your own daemon launched during an early hook (like
> post_config).  You wouldn't be able to respond [directly] to requests,
> you'd need to reach out over something like a pipe the way rewritemap
> does.
> 
A hacked suexec would be a per-request option.  Or using
solaris and mod_privileges might just possibly help with
more fine-grained escalation.

Bear in mind that anything running as root is, at the very least,
a big security concern, and I would NOT recommend the above
unless it was an alternative to something yet worse!
Rewritemap at least has the advantage of history and exposure.

-- 
Nick Kew


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message