On Tue, Dec 15, 2009 at 9:33 PM, Graham Dumpleton
wrote:
>
> There is a lot more to it than that.
>
> Parts of the code of an Apache module that are run in Apache parent
> process will run as that user, normally root, but handling of actual
> requests in an Apache worker process are done as less p
Graham Dumpleton writes:
> 2009/12/16 Dan Poirier :
>> Jordi Prats writes:
>>
>>> If you start apache with root as usual, you realize that every module
>>> is able to run code with root privileges:
>> ...
>>> Why is coded this way? Shouldn't run with lower privileges?
>>
>> No. That's not the pu
Jordi Prats wrote:
> I've a question about module's permissions. A module with a hook on
> post_config like this:
>
> static int sixs_code_config(apr_pool_t *p, apr_pool_t *log, apr_pool_t
> *temp, server_rec *s)
> {
> system("id >/tmp/id_apache_baltar");
> return OK;
> }
>
> ap_
2009/12/16 Dan Poirier :
> Jordi Prats writes:
>
>> If you start apache with root as usual, you realize that every module
>> is able to run code with root privileges:
> ...
>> Why is coded this way? Shouldn't run with lower privileges?
>
> No. That's not the purpose of apache modules.
There is a
Jordi Prats writes:
> If you start apache with root as usual, you realize that every module
> is able to run code with root privileges:
...
> Why is coded this way? Shouldn't run with lower privileges?
No. That's not the purpose of apache modules.
