Hi Lynn At 14:25 17.11.2002 -0600, you wrote:
> I wou like to get a general feeling about allowing write to the file > system for cgi-scripts in weblet. Is is reasonable to do that opening > grsecurity for the various scripts or rather implementing a sudo like > binary which is allowed to write. I would suggest trying the su-wrapper binary I've compiled (still not fully tested. The security risks in doing this via scripts is mind-boggling. The binary and readme is attached.
Thanks I'll give it a try.
Would you not think that the ACL's which are supported with grsecurity would be a perfect means for such a protection. I have not played with it but the little bi I gathered from their documentation sounded real attractive.> Is grsecurity a problem at all for this? I don't believe so.
Erich
THINK
Püntenstrasse 39
8143 Stallikon
mailto:[EMAIL PROTECTED]
PGP Fingerprint: BC9A 25BC 3954 3BC8 C024 8D8A B7D4 FF9D 05B8 0A16
-------------------------------------------------------
This sf.net email is sponsored by: To learn the basics of securing
your web site with SSL, click here to get a FREE TRIAL of a Thawte
Server Certificate: http://www.gothawte.com/rd524.html
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html