On 5/20/05, Alexander Kolesnik <apache-list1@xxxxxxxxxxx> wrote:
> Hello Joshua,
>
> Friday, May 20, 2005, 6:16:25 PM, you wrote:
>
> > (Even if you do have the knowledge to implement this, you still may
> > not have the knowledge to understand the security implications, so you
> > probably still shouldn't do it.)
>
> Could you please tell what security implications do you mean? And
> what's the difference between original suexec's security and the one I
> suggested?

I can't say that I'm a real expert here either, but one important issue
is that you would need to remove an suexec security check: suexec runs
files only under the userid of their owner. Removing this check wouldn't
automatically lead to a problem -- you'd still need to compromise the
httpd user -- but it gets you one step closer.

In general, you'd be surprised at how many different people file bugs
asking for suexec restrictions to be relaxed in various ways. But the
point of suexec is to be simple and secure. Relaxing these restrictions
-- even on a compile-time configurable basis -- would certainly kill the
"simple" part, and quite possibly the "secure" part as well.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.