[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Apache/suexec (was Re: Debian Apache Packaging - Option 4!)

> Not really, it's a security file: you can't change your area without
> recompiling. I can see the use for this: h4x0rs can't just change a
> config file and have a completely different suexec area, of their own
> choosing.

Of course, if they can get write access to said config file they
probably don't _need_ a special suexec area.  They also probably have
write access to the suexec binary, and could simply modify it directly
(this is what I did - no recompile - to get suexec working for my



Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: