On Sat, Jul 24, 2010 at 03:53:36PM +0200, Gilles Chehade wrote:
> You dont want to do that...
>
> Mayuresh Kathe <mayur...@kathe.in> a C)critB :
>
> >Has anyone experimented with using a set of shell scripts as CGI under the
> >stock Apache delivered with
> >OpenBSD?
>
longer answer now that i reached home:
1- the goal of the chroot is to prevent apache from accessing things outside
its root directory (/var/www) as a measure to limit for example an exploit
from executing a shell. if you bring the shell inside the chroot ... you
already defeat that.
2- shell scripts do not rely on shell builtins, so if you want to use them
inside the chroot you also need to bring all of the commands you plan
to use too. that means a large chunk of /bin and /usr/bin.
3- why oh why ?
--
Gilles Chehade
freelance developer/sysadmin/consultant
http://www.poolp.org
