 |
| Prev-20 | Home | Next-20 |
| Prev-20 | Home | Next-20 |
| Prev-Msg | Prev-Thread | Openbsd-misc | May-2008 | Next-Thread | Next-Msg |
| Subject: | Re: Apache suexec problem |
| Group: | Openbsd-misc |
| From: | Louis V. Lambrecht |
| Date: | 5 May 2008 |
> On Mon, May 05, 2008 at 11:39:03AM -0500, Chris Bennett wrote:
>
>> Actually I didn't, checked that right after I posted, BUT it was
>> already set as setuid!! A mistake in release??
>>
>
> No. There is no mistake.
>
> $ sudo chmod u+s /usr/sbin/suexec
> $ ls -l /usr/sbin/suexec
> -r-sr-xr-x 1 root bin 12068 Mar 12 12:41 /usr/sbin/suexec
> $ ftp -V -o - $MIRROR/pub/OpenBSD/4.3/i386/base43.tgz \
> | sudo tar zxphf - -C /
> $ ls -l /usr/sbin/suexec
> -r-xr-xr-x 1 root bin 12068 Mar 12 12:41 /usr/sbin/suexec
>
>
> Are you running in a chroot?
>
>
>
Ha!
I understand setuid and UID/Gid root/bin for suexec,
but shouldn't the executables be made www/www with authorized users
members of www group?
Default suexec -V
shows no access for UID/GID < 1000, so www would not work either.
Also, suexec -V shows public_html enabled, just need to edit the
httpd.cong to allow it also.
Again a problem as / and .. are disallowed, so, no Perl.
The manual page on the local Apache server have been written by
linguists, not eager to learn
computer users.
Redaing the thread, I understand I am not the only unfortunate. Sadly said.
| Prev-Msg | Prev-Thread | Openbsd-misc | May-2008 | Next-Thread | Next-Msg |