PHWinfo - Afficher un message - No such file or directory .... ??? Configuration Error

08/02/2008, 15h58

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

phantom wrote:
> "ed" <ed@example.test> wrote in message
> news:bgYqj.5257$NL3.24@newsfe2-gui.ntli.net...
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> phantom wrote:
>>
>>>> 1.
>>>>
>>>> Don't leave the file owned as root:root. That's just *ASKING* for
>>>> trouble.
>>>>
>>> Why? leaving the file owned as root prevents any other user on that box
>>> from
>>> altering it.
>> Uhh.
>>
>> It also means that if suexec wants to execute it with the OWNER UID,
>> then that's a bad thing... really bad.
>>
>
> The ownership of the file doesn't stop root executing it -
> If you manage to configure your server so that suEXEC can run programs as
> root then root will be able to run the script.
>
> You don't appear to understand how suEXEC actually works.

Why would you want to stop root executing it? The idea is to stop the
web server executing a script which will run as root.

Attempting to stop an administrator of a host from getting to files is
just stupid.

- --
The HSSI to the mcu is screwed because of BobaFett.
The Empire is practising the jedi mind trick.
:: http://www.s5h.net/ :: http://www.s5h.net/gpg.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHrG504dyr7s6PRYgRAsBNAJ9qMozWABpwQvejxb4OXl X959IC7ACePaXw
cfTMkznRL3P93+xzLl8n5yo=
=pJvy
-----END PGP SIGNATURE-----

08/02/2008, 15h58	#7
ed Messages: n/a Hébergeur:	Re: No such file or directory .... ??? Configuration Error -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phantom wrote: > "ed" <ed@example.test> wrote in message > news:bgYqj.5257$NL3.24@newsfe2-gui.ntli.net... >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> phantom wrote: >> >>>> 1. >>>> >>>> Don't leave the file owned as root:root. That's just ASKING for >>>> trouble. >>>> >>> Why? leaving the file owned as root prevents any other user on that box >>> from >>> altering it. >> Uhh. >> >> It also means that if suexec wants to execute it with the OWNER UID, >> then that's a bad thing... really bad. >> > > The ownership of the file doesn't stop root executing it - > If you manage to configure your server so that suEXEC can run programs as > root then root will be able to run the script. > > You don't appear to understand how suEXEC actually works. Why would you want to stop root executing it? The idea is to stop the web server executing a script which will run as root. Attempting to stop an administrator of a host from getting to files is just stupid. - -- The HSSI to the mcu is screwed because of BobaFett. The Empire is practising the jedi mind trick. :: http://www.s5h.net/ :: http://www.s5h.net/gpg.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHrG504dyr7s6PRYgRAsBNAJ9qMozWABpwQvejxb4OXl X959IC7ACePaXw cfTMkznRL3P93+xzLl8n5yo= =pJvy -----END PGP SIGNATURE-----