perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Enno <burg...@xs4all.nl>
Subject Re: setting up virtual hosts
Date Wed, 13 Jul 2005 15:30:40 GMT
as far as I know, that uselib vulnerability has nothing to do with
mod_perl. it's a kernel exploit. using a different user wont fix the
problem, updating your kernel will. so why not do that?

Enno

On Tue, 12 Jul 2005, Terrence Brannon wrote:

>    Unfortunately, we have been hit by a [2]uselib() privilege elevation
>    exploit. As a result, our sysadmins have decided that any CGI/mod_perl
>    process has to run as a specific user instead of as www-data.
>
>    At the moment, the sysadmins see no way to run mod_perl such that the
>    mod_perl requests can run as a specific user. Unless I can find a way
>    to have mod_perl processes for each virtual host run as a specific
>    user, we will have mod_perl shutdown.
>      _________________________________________________________________
>
> The Question
>
>    How can we setup our virtual hosts so that each one runs as a specific
>    Unix user?
>      _________________________________________________________________
>
>    Last updated 12-Jul-2005 21:50:04 GMT
>
> References
>
>    1. http://hcoop.net/
>    2. http://packetstorm.rlz.cl/0501-exploits/uselib24.c
>
> --
> 	Carter's Compass: I know I'm on the right track when,
> 	   by deleting something, I'm adding functionality.
>
>


Mime
View raw message