Re: Limiting User Commands

To: debian-isp@lists.debian.org, debian-user@lists.debian.org
Subject: Re: Limiting User Commands
From: Stephen Le <zeroion@gmail.com>
Date: Sun, 7 Nov 2004 11:14:53 -0800
Message-id: <[🔎] 3f9fee510411071114251a0376@mail.gmail.com>
Reply-to: Stephen Le <zeroion@gmail.com>
In-reply-to: <[🔎] 871xf5tzbc.fsf@toncho.dhh.gt.org>
References: <[🔎] 3f9fee5104110509315629b895@mail.gmail.com> <[🔎] 20041105231328.GB16508@aokiconsulting.com> <[🔎] 3f9fee510411051535a4ad332@mail.gmail.com> <[🔎] 20041107141416.GA11837@steve.org.uk> <[🔎] 871xf5tzbc.fsf@toncho.dhh.gt.org>

On Sun, 07 Nov 2004 10:10:31 -0600, John Hasler <jhasler@debian.org> wrote:
> Steve Kemp writes:
> > If you give people the ability to upload CGI scripts, like the perl
> > example you mention, you've already lost - a malicious user could compile
> > some C code statically and exectute that remotely.
> 
> No need for C.  Perl suffices.

I should be able to restrict a user's Perl scripts using Apache's
suEXEC. I don't see how a user would be able to remotely execute a
compiled C program outside of their priviledges.

-Stephen Le

Reply to:

Follow-Ups:
- Re: Limiting User Commands
  - From: John Hasler <jhasler@debian.org>

References:
- Limiting User Commands
  - From: Stephen Le <zeroion@gmail.com>
- Re: Limiting User Commands
  - From: Osamu Aoki <osamu@debian.org>
- Re: Limiting User Commands
  - From: Stephen Le <zeroion@gmail.com>
- Re: Limiting User Commands
  - From: Steve Kemp <skx@debian.org>
- Re: Limiting User Commands
  - From: John Hasler <jhasler@debian.org>

Prev by Date: Re: Limiting User Commands
Next by Date: RE: Limiting User Commands
Previous by thread: Re: Limiting User Commands
Next by thread: Re: Limiting User Commands
Index(es):
- Date
- Thread