www-apache-bugdb mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Slemko <ma...@znep.com>
Subject Re: suexec/1924: VirtualHosts don't work with suexec, why not simply...
Date Mon, 09 Mar 1998 01:20:00 GMT
The following reply was made to PR suexec/1924; it has been noted by GNATS.

From: Marc Slemko <marcs@znep.com>
To: Dag Wieers <dag@digibel.be>
Cc: Apache bugs database <apbugs@apache.org>
Subject: Re: suexec/1924: VirtualHosts don't work with suexec, why not simply...
Date: Sun, 8 Mar 1998 18:11:48 -0700 (MST)

 On Mon, 9 Mar 1998, Dag Wieers wrote:
 > > Synopsis: VirtualHosts don't work with suexec, why not simply...
 > > 
 > > State-Changed-From-To: open-closed
 > > State-Changed-By: marc
 > > State-Changed-When: Sun Mar  8 16:15:23 PST 1998
 > > State-Changed-Why:
 > > No, we can not do that.  It is not secure.  suexec has to
 > > be secure even in the case that any user can execute it.
 > > It is possible to extend it to allow multiple hardcoded
 > > documentroots.  Right now, VirtualHosts work fine if you
 > > put them all below a common directory.
 > > 
 > > suexec is very limited and anal on purpose; it is very easy
 > > to open up a lot of security risks.
 > thanks for the instant reply, but i don't see why it is not secure, you
 > can't possibly alter the environment-variable in the short time apache
 > loads suexec, can you ? otherwise i think that's a security-bug in apache
 > not suexec. multiple hardcoded documentroots needs recompiles after every
 > addition... using the environmentvariables (that were made for these
 > tasks) would make this much more flexible, i think. (or communication as
 > an argument is another option, although the environment is already there,
 > why don't suexec use it ? ;ppp)
 No, the whole point is that _ANYONE_ else can execute suexec if they can
 get access to the user Apache runs as to bypass that check.  It is not
 acceptable for that person to be able to specify their own varilables that
 can alter what suexec does in such a manner.  If suexec would listen to
 what they specify, it would be possible to compromise security in many
 > if i'm taking away your precious time, just tell me. but i think this is
 > important enough to clear this out, cause i'm convinced that cgi's ran by
 > users are a counterspell against ASP... (and ASP is far more worse than
 >                    _  _  _
 > ----------------- |_)(-)(_- -----------------
 >  fn:dag wieers - http://www.sisa.be/dagmenu/
 >  em:dag@digibel.be                uin:363535      
 > ---------------------------------------------
 >  if the human  brain were  so simple that we 
 >  could understand it,  we would be so simple
 >  we couldn't.
 > ---------------------------------------------

View raw message