[Speedycgi-users] mod_speedy and setuid scripts
Brought to you by:
samh
Menu
▾
▴
[Speedycgi-users] mod_speedy and setuid scripts
|
From: Chung-Kie T. <tu...@tu...> - 2003-03-15 13:47:05
|
Hi Sam, Does mod_speedyCGI support setuid root? Since mod_speedy is at the same process space as apache and apache is not recommended to run with root uid, the mod_speedy won't have the root permission. But the script is actually compiled and executed by the speedy_backend, so it seems the backend can just run the script with any permission it wants no matter what the euid of mod_speedy is. My suggestion is to have a option in mod_speedy to specify the names of scripts that are allowed to be executed with root. Than speedy_backend can check the script setuid bit to determine if the script should be executed with setuid. Regards. tung -- Distributed System Laboratory (http://dslab.ee.ncku.edu.tw) Department of Electrical Engineering National Cheng Kung University, Tainan, Taiwan, R.O.C. |
