I did find the following, which seems relevant but I have no idea if
doing this would be ok or not.
Number: 6637
Category: suexec
Synopsis: suexec doesn't use setusercontext() and related
Confidential: no
Severity: non-critical
Priority: medium
Responsible:
I also just found on openbsd.org/plus34.html:
Use setusercontext(3)
http://www.openbsd.org/cgi-bin/man.cgi?query=setusercontextsektion=3
instead of roll-your-own in httpd(8)
http://www.openbsd.org/cgi-bin/man.cgi?query=httpdsektion=8, so that
login.conf(5)
I've looked a bit at suexec, trying to make it go saner. I still cringe.
The model is intrinsically broken, for a lot of reasons. I don't think it's
feasible to fix suexec for real.
You've got to realize that suexec basically *elevates* a process to root,
making its decision on its name and
On Mon, May 05, 2008 at 08:36:27AM -0500, Chris Bennett wrote:
I am upgrading 4.0 to 4.3, overwriting everything to change partition
layout.
Apache seems to be working fine except for cgi
I get in suexec_log:
[2008-05-05 00:53:03]: info: (target/actual) uid: (chris002/chris002) gid:
Actually I didn't, checked that right after I posted, BUT it was already
set as setuid!! A mistake in release??
Dan Harnett wrote:
On Mon, May 05, 2008 at 08:36:27AM -0500, Chris Bennett wrote:
I am upgrading 4.0 to 4.3, overwriting everything to change partition
layout.
Apache seems to
On Mon, May 05, 2008 at 11:39:03AM -0500, Chris Bennett wrote:
Actually I didn't, checked that right after I posted, BUT it was
already set as setuid!! A mistake in release??
No. There is no mistake.
$ sudo chmod u+s /usr/sbin/suexec
$ ls -l /usr/sbin/suexec
-r-sr-xr-x 1 root bin 12068 Mar
On 2008-05-05, Chris Bennett [EMAIL PROTECTED] wrote:
I am upgrading 4.0 to 4.3, overwriting everything to change partition
layout.
Did you somehow end up with suexec on a partition mounted nosuid?
Good idea, but I just checked and /usr is not nosuid
Stuart Henderson wrote:
On 2008-05-05, Chris Bennett [EMAIL PROTECTED] wrote:
I am upgrading 4.0 to 4.3, overwriting everything to change partition
layout.
Did you somehow end up with suexec on a partition mounted nosuid?
I tried renaming suexec to suexec.bak
this produced the result of some scripts working, others don't
These are all tested scripts
I am now concerned that there may be a hardware problem
How can I check out the disk in OpenBSD? fsck doesn't seem to really do
any write testing.
I saw a previous
Dan Harnett wrote:
On Mon, May 05, 2008 at 11:39:03AM -0500, Chris Bennett wrote:
Actually I didn't, checked that right after I posted, BUT it was
already set as setuid!! A mistake in release??
No. There is no mistake.
$ sudo chmod u+s /usr/sbin/suexec
$ ls -l /usr/sbin/suexec
10 matches
Mail list logo