You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "Jason A. Dour" <ja...@bcc.louisville.edu> on 1997/01/24 16:24:47 UTC
Re: Apache 1.2b4 and suexec
-----BEGIN PGP SIGNED MESSAGE-----
I was going to let another Group member handle this...because you've got
me quite peeved at the moment...but...
You know...if you would stop insulting me and the group as a whole for a
moment, we might be able to help you! If you do not report bugs, send
feedback, or are otherwise generally informative of the problems you are
having, we cannot solve your problems. Although I feel many of the Group
members are incredibly intelligent people, we *CANNOT READ MINDS*!
I'm one of the primary coders on suEXEC, and while I am not infallible, I
do keep a hardcopy of every bug-report, problem email, or USENET article
that I run across. As we solve the problems, the people are contacted and
the bug is scratched off the list. I've gone through my current log, and
I have no record of any bug reports from you at all.
Yes, your "feedback" letter was received on Saturday. The Group reviewed
it sometime in the middle of the week. However, your feedback letter, as
well as your private letters to me have been filled with snide comments
and remarks rather than bug reports and specific problem information.
Until we receive such from you, we cannot make certain your concerns
recieve their due attention.
If you want more information on the WWW page, send it as feedback or as a
bug report. We'll review it... Since I do not maintain the WWW site, I
won't speak for what we can or can't do...but all comments and criticism
are given consideration.
If you are willing to swallow your bile long enough to give us specific
examples of where there are bugs, where our code is "horrible," or even
where you claim we have faulty logic, we will do everything in our power
to help you and solve those problems... Contrary to what you might think,
we are not taking this situation lightly...particularly in regards to
suEXEC. But without your help, our hands are tied.
I'm glad you're mostly happy with Apache. I would love to make you
completely happy with Apache. Just give us a fair chance...
Sincerely,
Jason
# Jason A. Dour <ja...@bcc.louisville.edu> 1101
# Programmer Analyst II; Department of Radiation Oncology; Univ. of Lou.
# Finger for URLs, PGP public key, geek code, PJ Harvey info, et cetera.
Bcc: Apache Devlopment Group
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMujUQpo1JaC71RLxAQF+7QP/cQMQ1lby4jdLwV2ljFkkBnSqOu6CqiBq
q1y205gOnlnLscXMJbVPQhYe2nWU0anO6KhiA2Xsol3F0PRqrScbyKWdKpP9Jfbw
kgDjLPLDCAb1evzDKcapnEEwMbD+Tk0hvPx8xjoAnC3TOq6y0rS8iWOF1hvPxUz+
mgAegI/S4ww=
=1iMg
-----END PGP SIGNATURE-----
Re: Apache 1.2b4 and suexec
Posted by "Jason A. Dour" <ja...@bcc.louisville.edu>.
-----BEGIN PGP SIGNED MESSAGE-----
To try to help ease your testing... I'm attatching the latest development
(b5dev) version of suexec.c and suexec.h.
If you have any problems, please let us know... At present there is a
known bug when passing a CGI argument such as:
http://www.some.com/~whoever/cgi-bin/somecgi?somearg
This will fail...we are working on it.
We're also beefing up the comments in the code, as well as some other
security minded issues... The development version can always either be
obtained through me, or through the Apache FTP site...
Jason
# Jason A. Dour <ja...@bcc.louisville.edu> 1101
# Programmer Analyst II; Department of Radiation Oncology; Univ. of Lou.
# Finger for URLs, PGP public key, geek code, PJ Harvey info, et cetera.
Bcc: Apache Development Group
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMujkcpo1JaC71RLxAQHVbAQAmCkXnZDjVaz0jkDc8C0E8wmhd6fVHtCU
e/Tv3tIyIiaKyXKmjssOIGvrkZdeeBoHJ/vmfO9GgQ7hRf1944XEzntW4Bj+uqfs
2QpXtWKsOF9icsmL6pECzCUL2tNDNxpnlZdc3zMhZVmnICspUVBCSzgW7sXywUuR
SQbYoyVTZrM=
=w1Mj
-----END PGP SIGNATURE-----