I agree with you on that setting the used id on compile time would cause trouble for those using prebuild packages, but setting it as a runtime option gives room to a potential security flaw.
I would like to hear from this list about this. On Wed, Mar 10, 2010 at 4:47 AM, Jani Ollikainen <[email protected]> wrote: > On 09/03/10 20:41, corrideat wrote: >> So, I've I got it right the patch should cover the following: >> . A User/Group that is allowed to own everything. Probably, this >> should be set at compile time for integrity and enhaced security. >> . An optional diective (server side), which can be turned off at >> compile time, to permit those files owned by the shared user ONLY to >> RUN as the shared user. >> This shouldn't be that hard to add to suPHP. If I have time this >> weekend, I'll submit the corresponding patch. > > Well pretty much it, of course setting something during compile time > versus config makes them bad for making packages that will suit > many. > > That optinal directive sounds like existing feature of suPHP, > I mean doesn't it do the same as --with-setid-mode=owner, or did > you mean that to be extra setting that if there's shared files they > are run with shared user, but normal files are done with setid-mode? > > But maybe Conor could say something as he was the first to post about it. > > And that Dave's patch seems also a good and possible way to do it, but > unfortunately I don't have time to work on this now and test would it > suit my needs. > > >> >> On Mon, Mar 8, 2010 at 8:55 AM, Dave Ingram<[email protected]> wrote: >>> Jani Ollikainen wrote: >>> >>> On 06/03/10 20:08, Conor Clafferty wrote: >>> >>> >>> e.g. /usr/share/mysharedfolder should be allowed to be executed by any >>> of my users but not writeable. >>> >>> >>> That sounds a feature that I would also appreciate. Now as I cannot even >>> use symlinks to do that my only option has been to copy the files to >>> everyone. >>> >>> But how that would be easiest to implement? One thing comes to my mind >>> that is having a configuration setting of the owner whose files everyone >>> can run. Like: >>> >>> shared_user=username >>> >>> Then every file that is owner by username would be allowed to run by >>> the users. Then in my configuration I could use symlinks to >>> /usr/share/mysharedfolder. >>> >>> This would add some checks to permissions checks but shouldn't slow >>> it down much. >>> >>> So who wants to implement that? (Or some better way of doing it:) >>> >>> >>> I've implemented something similar -- the patch is at >>> https://lists.marsching.com/pipermail/suphp/2009-September/002209.html >>> >>> The basics are that it allows you to turn off user checks and rely on group >>> checks instead. It should also be possible to modify it to handle a >>> "trusted" set of users/groups. If you want, I can probably knock that >>> together tonight. >>> >>> >>> Dave >>> >>> _______________________________________________ >>> suPHP mailing list >>> [email protected] >>> https://lists.marsching.com/mailman/listinfo/suphp >>> >>> >> >> >> > > > -- > Yhteistyöterveisin, > Jani Ollikainen @ Pronetko Networks Oy > > _______________________________________________ > suPHP mailing list > [email protected] > https://lists.marsching.com/mailman/listinfo/suphp > -- Ricardo I. Vieitez Estudiante secundario [email protected] Página web personal: msl37.org Bitácora: blog.msl37.org _______________________________________________ suPHP mailing list [email protected] https://lists.marsching.com/mailman/listinfo/suphp
