The following reply was made to PR suexec/237; it has been noted by GNATS. From: Marc Slemko <[EMAIL PROTECTED]> To: Bram Kivenko <[EMAIL PROTECTED]> Subject: Re: suexec/237: Inappropriate bypass of suexec / Inappropriate usage of suexec Date: Sun, 6 Apr 1997 17:53:40 -0600 (MDT)
> (a) Bypass: > I believe, that it is possible to bypass suexec with the use of an > "nph-*" > CGI. This gives server permission state to the CGI, could be root, or > possibly allow a user to erase the web server! Regardless of if you use suexec, you should not set the User directive to root or to anyone who can modify any of the config files, server binaries or logs. In any case, I have no problem using nph- CGI's with suexec. Are you perhaps calling it from somewhere other than a virtual host with a User directive or a user directory? > > (b) Usage: > I have since replaced the suexec utility, finding it rather dangerous, > however, what prevents someone running the suexec command from a shell > possibly to take advantage of extra executables in public_html > directory? There is an assumption made that any executables placed in what suexec things to be "web space" are really executable. This will be documented better and we are thinking of better ways to verify that the process is reall the server, but suexec is designed around the idea that even if someone with evil intent calls it things are still safe provided that users don't put silly executables in what suexec thinks is web space.
