On Wed, Jan 20, 2010 at 8:19 PM, pqf p...@mailtech.cn wrote:
I man seteuid in my Linux box, there are two types of errors:
ERRORS
The seteuid() function shall fail if:
EINVAL The value of the uid argument is invalid and is not supported by
the implementation.
EPERM The
Hi, Jeff
Your concerns are right, +1 for your patch :)
Thanks
--
From: Jeff Trawick traw...@gmail.com
Sent: Thursday, January 21, 2010 9:23 PM
To: dev@httpd.apache.org
Subject: Re: [mod_fcgid PATCH] catch errors from setuid()/seteuid()
On Wed
During the last hackathon, Paul was kind enough to run the clang/llvm
static analysis on mod_fcgid
(http://zeus.kimaker.com/~chip/fcgid-scan/). That pointed out these
setuid()/seteuid() calls that aren't checked prior to running a child.
The error checking itself is simple enough, but there's an
?
--
From: Jeff Trawick traw...@gmail.com
Sent: Thursday, January 21, 2010 5:38 AM
To: dev@httpd.apache.org
Subject: [mod_fcgid PATCH] catch errors from setuid()/seteuid()
During the last hackathon, Paul was kind enough to run the clang/llvm
static analysis on mod_fcgid
(http