You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Paul Richards <pa...@alpha.netcraft.co.uk> on 1995/10/04 15:18:06 UTC
WWW Form Bug Report: "Seems to ignore file modes even when not running as root" on FreeBSD (fwd)
Any ideas?
In reply to archie@tribe.com who said
> From nobody@hyperreal.com Wed Oct 4 03:38:25 1995
> Message-Id: <19...@taz.hyperreal.com>
> From: archie@tribe.com
> To: paul@FreeBSD.org
> Date: Tue Oct 3 19:38:52 1995
> Subject: WWW Form Bug Report: "Seems to ignore file modes even when not running as root" on FreeBSD
>
> Submitter: archie@tribe.com
> Operating system: FreeBSD, version: 2.0.5
> Extra Modules used: none
> URL exhibiting problem:
>
> Symptoms:
> --
> The httpd binary must be setuid-root in order to bind to port 80. In conf/httpd.conf I have the lines User www Group www User "www" is a normal user on my system. However, I can still access this file via the server: -rw------- 1 root bin 3828 Oct 3 19:07 doc.shtml Shouldn't I not be allowed to read this since the httpd server is running as user "www" ? A "ps" listing shows two httpd processes both running as root. The Apache version is 0.8.14. Thanks for a great server! -Archie
> --
>
> Backtrace:
> --
>
--
Paul Richards, Netcraft Ltd.
Internet: paul@netcraft.co.uk, http://www.netcraft.co.uk
Phone: 0370 462071 (Mobile), +44 1225 447500 (work)