On Thu, Jul 19, 2012 at 05:26:23PM +0100, Nick Kew wrote: > How does it protect against such potential attacks as running an > external program as root through a RewriteMap running earlier > than the directory walk?
By the way, I actually tried this under prefork. I compiled httpd-2.4.2 with prefork and the following configuration in a vhost: RewriteEngine on Rewritemap examplemap prg:/home/sesse/mymapper.pl RewriteRule /invalid %{examplemap:$1} and lo and behold, mymapper.pl is started as root. mod_rewrite seems to open the map programs already when parsing the configuration file, which is before the MPMs' hooks run (and that's when prefork drops its privileges). /* Steinar */ -- Homepage: http://www.sesse.net/