On 1/28/08 4:35 AM, "Ivan Ristic" <[EMAIL PROTECTED]> wrote: The FastCGI process is likely to be running under a different > account, but here we have a facility that allows that other process to > use the privileges of the Apache user to fetch a file. I can see how > this feature could easily find its way to the list of small tricks > that can be used to compromise a web server installation, one step at > a time.
Perhaps. Most of out fastcgi stuff gets executed by httpd, so it has the same privileges. Also php under fastgci has access to everything completely outside httpd, for example. I guess if we choose to include support, but the appropriate security warnings. Also, this approach will use all the normal httpd file access controls rather than just grabbing it "directly." It is also a "first draft" and I'm sure needs work, but I'd like us to push to get xsendfile into core. It's already Apache license, if that helps. -- Brian Akins Chief Operations Engineer Turner Digital Media Technologies
