Re: Technical committee acting in gross violation of the Debian constitution
- To: debian-devel@lists.debian.org
- Subject: Re: Technical committee acting in gross violation of the Debian constitution
- From: "Enrico Weigelt, metux IT consult" <enrico.weigelt@gr13.net>
- Date: Thu, 04 Dec 2014 16:35:36 +0100
- Message-id: <[🔎] 54807F48.9060103@gr13.net>
- In-reply-to: <1417198186.4622.4.camel@scientia.net>
- References: <20141116001628.GO32192@teltox.donarmstrong.com> <201411251941.16723.envite@rolamasao.org> <CAKTje6ECfcV=F5Qou3OJXNTqN23u6Hv9OHyYxhAarmy5SjFtWA@mail.gmail.com> <201411262329.26670.envite@rolamasao.org> <87zjbd33to.fsf@hope.eyrie.org> <1417047554.17080.2.camel@kagura.malsain.org> <E1Xu5h6-0007GZ-6S@swivel.zugschlus.de> <877fyg8emt.fsf@vostro.rath.org> <E1XuPus-0002za-AR@swivel.zugschlus.de> <1417198186.4622.4.camel@scientia.net>
On 28.11.2014 19:09, Christoph Anton Mitterer wrote:
> For many things, CGI is actually the only way to run them securely,
> since it's the only way to run foreign processes in a container
> environment (chroots, etc.) or with user privilege separation.
Not entirely true. About a decade ago, I've wrote muxmpm, which ran
individual sites under their own uid/gid, chroot, etc. That made things
like cgixec, php's safe_mode etc practically obsolete.
It was even shipped by several large distros, eg. suse (the orignal
one, not novell).
cu
--
Enrico Weigelt,
metux IT consulting
+49-151-27565287
Reply to: