You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by ld...@ulysium.net on 2003/05/23 01:40:13 UTC

[users@httpd] quick suexec question

I was wondering about one thing about permissions on scripts running under
suexec.
Since they run under a user's own uid/gid and most files get permissions
such as 750 or similar, wouldn't the write access be a security issue?
Shouldn't all files get their write access removed unless they need it?
I would think if a script file has 750 on it, having a write access would be
a risky proposition.
Can anyone share some insights on this issue?

-- 
Didier Godefroy
mailto:dg@ulysium.net


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org