I have run httpd in chroot with no-su mode enabled, and everything works good. Users can only view files what are in chroot and another users configuration. You need root only to bind to 80/tcp, and then httpd can be run by unpriviledged user.Solution: Chroot environmentI believe chroot must be run by user root. That would keep it from running in no-su and single-user modes.
or change tmda-cgi that it can read only files in user .tmda directory.I think that would be too restrictive. SysAdmins often use global
lists
Me too :-) and I see no reason why the user shouldn't be able to view
these.You have right.
Maybe You can add some configuration variable, where filter lists can be stored?Perhaps an re string that the SysAdmin can set, to specify where filter lists can be stored? Perhaps one for R/W and one for R/O?
Right now one user can change configuration of another user!
Best Regards Maciej Bogucki
_________________________________________________ tmda-workers mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-workers
