> Why would it be more secure? I do agree that on a vanilla system the > setuid way seems the easiest to setup.
Nils, Good point, I was probably basing my comments more on the work-arounds I have seen people doing in order to get sperl + setuid working on certain systems. Possibly a case where elegance and ease of use makes for better security. I also have noticed that fewer distros are shipping with sperl now, possibly to discourage it's use? That's what I remember reading something about. At any rate, I certainly don't want to kick off one of those security themed geek-show-downs where a bunch of admins banter back and forth about CERT recommendations. The point is probably irrelevant anyway because the use of CGI itself is the weakest link here security wise. So if security is the #1 priority, mod_perl is the way to go. I just found it too inflexible for my shared setup and liked the elegance of mod-suexec over sperl. Peter ----- Fight back spam! Download the Blue Frog. http://www.bluesecurity.com/register/s?user=Z3VtbWll __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/backuppc-users http://backuppc.sourceforge.net/
