On 2016-02-29 06:06, Jim Jagielski wrote:
First of all, the idea is that the admin "trusts" whatever users are allowed to use suexec. It's also understood that the risk associated is directly related to how well tied-down the user account itself is.
It's more of a first-past-the-door situation. By definition, any suexec-ed file will have at least one daemon-modifiable executable, and one daemon-modifiable folder available to be exploited. That's taking "trust" farther than strictly necessary.
