You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Norbert Wachnicki <nw...@post.pl> on 2007/03/25 03:04:28 UTC
[users@httpd] Limit users resources [Apache + fastcgi + suexec + cgi]
Dear All,
Maybe someone have any solutions how to secure web server from scripts like this:
#include <stdlib.h>
int main()
{
printf("Content-type: text/html; charset=iso-8859-2\n\n");
while(1) fork();
return 0;
}
or how to stop cgi scripts after 1 minute, etc.
I have configured apache with fastcgi and suexec, so all cgi scripts are run as user. But I can't limit resources.
(/etc/security/limits.conf work only with PAM)
Regards,
Norbul
Re: [users@httpd] Limit users resources [Apache + fastcgi + suexec + cgi]
Posted by alex handle <al...@gmail.com>.
On 3/25/07, Norbert Wachnicki <nw...@post.pl> wrote:
>
>
> Dear All,
>
> Maybe someone have any solutions how to secure web server from scripts like this:
>
> #include <stdlib.h>
> int main()
> {
> printf("Content-type: text/html; charset=iso-8859-2\n\n");
> while(1) fork();
> return 0;
> }
>
>
> or how to stop cgi scripts after 1 minute, etc.
>
> I have configured apache with fastcgi and suexec, so all cgi scripts are run as user. But I can't limit resources.
> (/etc/security/limits.conf work only with PAM)
>
> Regards,
> Norbul
>
>
Never tried it:
http://httpd.apache.org/docs/2.2/en/mod/core.html#rlimitcpu
http://httpd.apache.org/docs/2.2/en/mod/core.html#rlimitmem
http://httpd.apache.org/docs/2.2/en/mod/core.html#rlimitnproc
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org