On Tue, Oct 23, 2012 at 12:38:39PM +1000, Nick Edwards wrote: > was hoping for a general cgi solution tha works the same, perhaps its > there and my google fu is failing me today? Something like sbox? http://stein.cshl.org/software/sbox/ > If not, could this be a feature request, it can not be that much of a > resource issue as far as I can see since it already does this for php > module. > maybe --with-suexec-docroot=/var/www could be modified to stop upper > level traversals? > I am not a programmer so I have idea. I do not see any need to have this in core apache. There is already a DocumentRoot for non-CGI restrictions and if you want to impose similar restrictions on your CGI environment then handling that within the CGI by use of something like sbox seems to be the way to go - no need to burden Apache with that. Pete -- Openstrike - improving business through open source http://www.openstrike.co.uk/ or call 01722 770036 / 07092 020107
Attachment:
pgpa8JFliznqD.pgp
Description: PGP signature
|