"William A. Rowe, Jr." wrote:
>
> It is as secure as any other _Apache_ authn/authz
> configuration, I suppose. It needs to be clear that
> it is _not_ as secure as os kernel authn/authz.
>
> This is pretty obvious to us, but might not be so
> obvious to some admins. Because we are tying the
> 'user' or 'group' to an os placeholder, they need
> to know it's only as strong as the _Apache_
> configuration allows, and that this isn't a kernel
> authn/authz. Unlike suexec, which compares os kernel
> identifies between the symlink and it's target, we
> are comparing an Apache admin's identifer to an os
> kernel identifier. Does that make sense?
Now it does, yes. I will see that the documentation
make it clear. Thanks for clarifying! We were in
agreement all along, but just did not know on what. :-)
--
#ken P-)}
Ken Coar, Sanagendamgagwedweinini http://Golux.Com/coar/
Author, developer, opinionist http://Apache-Server.Com/
"All right everyone! Step away from the glowing hamburger!"
