You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Rob Hartill <ro...@imdb.com> on 1997/01/21 22:12:39 UTC
util.c change if suexec_enabled set? (fwd)
---------- Forwarded message ----------
Date: Tue, 21 Jan 1997 11:58:18 -0800 (PST)
From: Ian Reddy <ia...@sfu.ca>
To: apache-bugs@apache.org
Subject: util.c change if suexec_enabled set?
I'm not completely sure about this but it seems to me that if suexec
is in use then a user's CGI scripts need not be group/world accessable
in any way, possibly increasing security (through obscurity).
If so then the following diff would apply to util.c:
% diff -C3 util.c*
*** util.c Sat Jan 18 23:12:01 1997
--- util.c.orig Sat Jan 18 23:11:25 1997
***************
*** 941,947 ****
#ifdef MULTIPLE_GROUPS
int cnt;
#endif
- if(suexec_enabled) return 1;
#ifdef __EMX__
/* OS/2 dosen't have Users and Groups */
return 1;
--- 941,946 ----
--
Ian Reddy, Senior Systems Consultant E-mail: Ian_Reddy@sfu.ca
Academic Computing Services, AD1021 ian@sfu.ca
Simon Fraser University Telephone: (604) 291-3936
Burnaby, B.C. Canada V5A 1S6 Fax: (604) 291-4242