From: Eric Anderson (anderson_at_centtech.com)
Date: Thu Nov 14 2002 - 07:32:23 CST
Kirk Bailey wrote:
> oops. I quote:
>
> 7.Is the target user NOT superuser?
>
> Presently, suEXEC does not allow 'root' to execute CGI/SSI
> programs.
>
> Alas, the file appears to be owned by root. Now what?

I'm assuming by "owned by root" you mean setuid bit is on and the
ownership is root? Just making a file owned by root doesn't make it run
as root. If you DID have the setuid bit on, and it IS root owned, you
are in dangerous waters. It's not really a great idea to have suid root
programs running from a web site - all it takes is for you to miss one
thing and the "evil hacker" has root access on your box, instead of just
access as "nobody".

The nobody user should be able to read the aliases file just fine with
no extra permissions.

Eric
--
------------------------------------------------------------------
Eric Anderson	Systems Administrator	Centaur Technology
Beware the fury of a patient man.
------------------------------------------------------------------

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
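
The distinction drawn in the reply above, between a file that is merely owned by root and one that is setuid root, can be checked across a whole CGI directory. This is an added example, not part of the original message; the default directory path and the label names are assumptions.

```python
import os
import stat
import sys

def classify(mode: int, uid: int) -> str:
    """Label one file from its st_mode and st_uid."""
    setuid = bool(mode & stat.S_ISUID)
    executable = bool(mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))
    if setuid and uid == 0 and executable:
        return "SETUID-ROOT"      # runs as root whoever invokes it
    if setuid and executable:
        return "setuid-other"     # runs as the owning non-root user
    if uid == 0:
        return "root-owned"       # ownership alone: still runs as the caller
    return "ordinary"

def audit(directory: str):
    """Return (path, label) for every regular file below directory."""
    findings = []
    for root, _dirs, files in os.walk(directory):
        for name in sorted(files):
            path = os.path.join(root, name)
            st = os.lstat(path)   # lstat: do not follow symlinks
            if stat.S_ISREG(st.st_mode):
                findings.append((path, classify(st.st_mode, st.st_uid)))
    return findings

if __name__ == "__main__":
    # Assumed default path; pass the real cgi-bin directory as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "/usr/local/www/cgi-bin"
    results = audit(target)
    for path, label in results:
        print(f"{label:13} {path}")
    # Non-zero exit when any setuid-root executable is present.
    sys.exit(1 if any(label == "SETUID-ROOT" for _, label in results) else 0)
```

Files labelled `root-owned` still execute with the web server's identity (for example `nobody`); only `SETUID-ROOT` entries run with root privileges.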