Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Igor Galić
- Original Message - > Hi Igor, > > I think you are wrong. > > I wrote this simple program that does what I suggested: > #include > #include > #include > > int main(int argc, char** argv){ > > uid_t low_uid = 1000; > uid_t high_uid = getuid(); > > seteuid(low_uid); // drop privilege >

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread silviu andrica
Hi Igor, I think you are wrong. I wrote this simple program that does what I suggested: #include #include #include int main(int argc, char** argv){ uid_t low_uid = 1000; uid_t high_uid = getuid(); seteuid(low_uid); // drop privilege const char* fileName="test.txt"; FILE* file = fopen(fileNa

Re: [users@httpd] Directory Index not displaying

2011-11-24 Thread Stan Laughlin
I tried editing the closing tags and the +SuppressHTMLPreamble edit but nothing is changing. The module man pages are confusing for me and I don't fully understand how I need to enter the edits. I am in the process of un-installing Apache and will re-install the thing because I'm not certain any l

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Igor Galić
- Original Message - > > > > What would it do when the file already exists and is owned by root? > > :) > > > > > > It is hard to distinguish between "file owned by root, but we > > should > > append to it" and "file owned by root and the admin made a mistake > > in > > the conf file".

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Eric Covener
> AFAIK, this solves the issue I raised. If I miss any > point, please let me know. Your procedure leaves the logfile deletable by the unprivileged apache user since they were able to write to the directory to create it. - The o

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Igor Galić
- Original Message - > Hi Tom, > > > thanks for the answer. It makes perfect sense. > > > The solution I thought about is a bit more complex. I did not go > through the Apache code, so below is just a sketch. > > > seteuid(${APACHE_RUN_USER}); //drop privileges > open(${ErrorLog}); //open

Re: [users@httpd] Struggling to overcome the learning curve for Apache http server !!!!

2011-11-24 Thread Yehuda Katz
On Thu, Nov 24, 2011 at 12:44 PM, rota regi wrote: > I am reading Pro Apache and feel completely lost at many times. What did u > start from ? > That question is too broad. Instead of trying to learn everything about Apache, I suggest that you write out what you are trying to accomplish and ask

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Silviu Andrica
> > What would it do when the file already exists and is owned by root? :) > > > It is hard to distinguish between "file owned by root, but we should > append to it" and "file owned by root and the admin made a mistake in > the conf file". The former is the usual case when starting a server > wi

[users@httpd] Struggling to overcome the learning curve for Apache http server !!!!

2011-11-24 Thread rota regi
I am reading Pro Apache and feel completely lost at many times. What did u start from ?

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Tom Evans
On Thu, Nov 24, 2011 at 5:03 PM, Silviu Andrica wrote: > Hi Tom, > thanks for the answer. It makes perfect sense. > The solution I thought about is a bit more complex. I did not go through the > Apache code, so below is just a sketch. > seteuid(${APACHE_RUN_USER}); //drop privileges > open(${Error

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Silviu Andrica
Hi Tom, thanks for the answer. It makes perfect sense. The solution I thought about is a bit more complex. I did not go through the Apache code, so below is just a sketch. seteuid(${APACHE_RUN_USER}); //drop privileges open(${ErrorLog}); //open file seteuid(0); // get back root privileges chown

Re: [users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread Tom Evans
On Thu, Nov 24, 2011 at 3:53 PM, silviu andrica wrote: > Hi, > > I noticed that in Apache/2.2.20 (Ubuntu), the ErrorLog is opened as root, > although the User is set to ${APACHE_RUN_USER}. > My concern is that if I make a mistake in ErrorLog, then I can damage any > file on my system because of a

[users@httpd] Opening ErrorLog as root and overwriting any file on the system

2011-11-24 Thread silviu andrica
Hi, I noticed that in Apache/2.2.20 (Ubuntu), the ErrorLog is opened as root, although the User is set to ${APACHE_RUN_USER}. My concern is that if I make a mistake in ErrorLog, then I can damage any file on my system because of a stupid copy-paste error. I was wondering what is the reason Apache

Re: [users@httpd] apr_off_t mismatch

2011-11-24 Thread Igor Galić
- Original Message - > > > Igor, > so you are saying this is a bug in the precompiled version of apr > 1.2.2 in sunfreeware.com ? Probably. There shouldn't be an apr_off_t mismatch in OpenCSW, we create Headers to match for 32/64bit systems like this: http://lists.opencsw.org/pipermail/

Re: [users@httpd] apr_off_t mismatch

2011-11-24 Thread Asaf Dalet
Igor, so you are saying this is a bug in the precompiled version of apr 1.2.2 in sunfreeware.com? 2011/11/24 Igor Galić > > > - Original Message - > > > > > > i am trying to ask this again: > > i supply an apache 2.2 module to my customers. naturally, i need to > > build my module for ea

Re: [users@httpd] Directory Index not displaying

2011-11-24 Thread Igor Galić
- Original Message - > Stan, > > Stan Laughlin wrote (23.11.2011 22:26): > > > This is the HEADER.html > > > > > > "STAN'S DOC INDEX" > > > > > > > > > > This is the README.html > > > > > > "README FILE > > > > > > README FILE > > p>This is

Re: [users@httpd] apr_off_t mismatch

2011-11-24 Thread Igor Galić
- Original Message - > > > i am trying to ask this again: > i supply an apache 2.2 module to my customers. naturally, i need to > build my module for each OS, cpu architecture & bit scheme. So, if > my customer has Apache 2.2 on solaris sparc 32 bit - that's what i > need to build. > > ho

Re: [users@httpd] Directory Index not displaying

2011-11-24 Thread Marc Patermann
Stan, Stan Laughlin wrote (23.11.2011 22:26): This is the HEADER.html "STAN'S DOC INDEX" This is the README.html "README FILE README FILE p>This is the readme file "If the file specified by HeaderName contains the beginnings of an HTML doc

Re: [users@httpd] Ignore errors in .htaccess

2011-11-24 Thread Simone Caruso
On 22/11/2011 15:19, Sandro Tosi wrote: > Hello, > I'm in a situation where I can control the webserver configuration, but users > are free to use .htaccess, and so also write wrong/unsupported options in > there > (f.e. php_flag when we launch PHP via CGI). > > I'd like to simply skip those err

Re: [users@httpd] apache setup questions

2011-11-24 Thread Rainer Frey
On 23.11.2011, at 21:22, Tim Streater wrote: > I'm looking at how apache is set up under OS X Lion and Snow Leopard. It > seems to me in both cases that, for the default apache config, fast-cgi is > disabled as the corresponding LoadModule is commented out. Is there a > particular reason why t